|
|
|||||||
| Register | Search | Today's Posts | Mark Forums Read |
 |
|
|
LinkBack | Thread Tools | Display Modes |
01-18-2008
|
#1 (permalink) |
|
Drunken Stumbler
Join Date: Jun 2002
Location: Anywhere but Utah
Posts: 1,781
|
Hacking the worlds largest mall
crossposted from the DC forums:
So with the TJX data loss in the news I decided to see if a year later anyone has learned anything. During the busy holiday shopping season, I audited the wireless networks of retailers in West Edmonton Mall, one of the biggest malls in the world. In short: No one has learned anything As well I took the opportunity to scan the bluetooth devices of the shopping public. over 400 devices later, it seems the public needs a bit of schooling on proper bluetooth security The Renderlab: Hacking West Edmonton Mall
__________________
Never drink anything larger than your head! Scaramental Wine Taster for the Church Of WiFi Buy our book: RFID Security "I reject your reality, and substitute my own!" – Adam Savage CoWF WPA Hash Tables |
|
|
|
01-18-2008
|
#2 (permalink) |
|
Psychic Amish Stumbler
Join Date: Jul 2004
Location: Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
Posts: 11,532
|
Isn't the Mall of America the worlds largest mall?
__________________
"One of these days, I'm going to cut you to pieces." If you're offended by this post, please feel free to report it to one of the many helpful moderators of this forum. Thank you. |
|
|
|
|
01-18-2008
|
#3 (permalink) | |
|
Banned
Join Date: Jul 2005
Location: 14RPV15824543
Posts: 423
|
Quote:
World's Largest Shopping Malls |
|
|
|
|
|
01-18-2008
|
#4 (permalink) | |
|
Managing the iTards.
Join Date: Dec 2002
Location: Ohio
Posts: 5,063
|
Quote:
__________________
I always wanted to have that ideal father son relationship. You know, where I get to see him for like eight hours every other weekend, and send checks to some woman I hate. -- Tucker, Red vs. Blue |
|
|
|
|
01-18-2008
|
#5 (permalink) | |
|
Psychic Amish Stumbler
Join Date: Jul 2004
Location: Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
Posts: 11,532
|
Quote:
__________________
"One of these days, I'm going to cut you to pieces." If you're offended by this post, please feel free to report it to one of the many helpful moderators of this forum. Thank you. |
|
|
|
|
|
01-18-2008
|
#6 (permalink) |
|
Drunken Stumbler
Join Date: Jun 2002
Location: Anywhere but Utah
Posts: 1,781
|
It all depends on how your measuring things and what counts. Some lists don't take the amusement park or water park into account.
At any rate, it's friggin huge.
__________________
Never drink anything larger than your head! Scaramental Wine Taster for the Church Of WiFi Buy our book: RFID Security "I reject your reality, and substitute my own!" – Adam Savage CoWF WPA Hash Tables |
|
|
|
|
01-18-2008
|
#7 (permalink) | |
|
Managing the iTards.
Join Date: Dec 2002
Location: Ohio
Posts: 5,063
|
Quote:
__________________
I always wanted to have that ideal father son relationship. You know, where I get to see him for like eight hours every other weekend, and send checks to some woman I hate. -- Tucker, Red vs. Blue |
|
|
|
|
|
01-18-2008
|
#8 (permalink) |
|
root\.workspace\.garbage.
Join Date: Aug 2003
Posts: 4,735
|
Nice article. Because I notice these things you may want to run grammar check there's some issues with allot/alot/a lot and use of possesive.
I've used a few wireless barcode scanner from Symbol. Some are just WM2003 PDA running proprietary frontends to the the backend SQL database. They send the barcode being scanned back. And they play solitare  I've got a symbol wireless scanner at my desk now for a client. I'll grab the FCC ID. It pairs with the base. But I don't believe it normal 2.4Ghz wireless. The local supermarket uses bluetooth scanners at the checked (paired with base stations) Oh and if you want to have fun. Watch the bluetooth for people's name and them call them out to see who looks. If you're really evil you take it farther. Ned? Ned Ryerson?!
__________________
No matter where you go, there you are. ┌──────────────────────────────┐ ╞ NS Icons Explained|et hoc genus omne ╡ └──────────────────────────────┘ Last edited by beakmyn : 01-18-2008 at 05:50 PM. |
|
|
|
|
01-18-2008
|
#9 (permalink) | |
|
Psychic Amish Stumbler
Join Date: Jul 2004
Location: Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
Posts: 11,532
|
Quote:
__________________
"One of these days, I'm going to cut you to pieces." If you're offended by this post, please feel free to report it to one of the many helpful moderators of this forum. Thank you. |
|
|
|
|
|
01-18-2008
|
#10 (permalink) | |
|
Drunken Stumbler
Join Date: Jun 2002
Location: Anywhere but Utah
Posts: 1,781
|
Quote:
I can understand things like the symbol barcode scanners not being able to support WPA, but that scares me when that network hooks into your database and presumably is not scrubbing the input. Lot's of stock can go missing quickly if the database is tinkered with
__________________
Never drink anything larger than your head! Scaramental Wine Taster for the Church Of WiFi Buy our book: RFID Security "I reject your reality, and substitute my own!" – Adam Savage CoWF WPA Hash Tables |
|
|
|
|
|
01-18-2008
|
#11 (permalink) | |
|
Psychic Amish Stumbler
Join Date: Jul 2004
Location: Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
Posts: 11,532
|
Quote:
BarCode Thieves Steal from Walmart Stores and Target - Mr Wave Theory
__________________
"One of these days, I'm going to cut you to pieces." If you're offended by this post, please feel free to report it to one of the many helpful moderators of this forum. Thank you. |
|
|
|
|
|
1 Week Ago
|
#13 (permalink) |
|
Drunken Stumbler
Join Date: Jun 2002
Location: Anywhere but Utah
Posts: 1,781
|
Quick update.
Greyhatter and others were curious about the number of WEP/WPA/OPEN nets discovered. I ran some quick tools to get stats. These include the public nets for the mall and hotel, but still give you an idea of what's there: The Renderlab: Statistics for wireless devices in West Edmonton Mall For the impatient: Total found Networks: 489 Access-Points: 427 / 87% Ad-Hoc: 5 / 1% Other: 57 / 12% WEP encrypted: 105 / 21% WPA encrypted: 136 / 28% Not encrypted: 248 / 51% Hidden ESSID: 79 / 19% Channel: 1: 117 / 24% 2: 2 / 0% 3: 5 / 1% 4: 10 / 2% 5: 2 / 0% 6: 165 / 34% 7: 3 / 1% 8: 8 / 2% 9: 6 / 1% 10: 1 / 0% 11: 113 / 23% 12: 0 / 0% 13: 0 / 0% 14: 0 / 0%
__________________
Never drink anything larger than your head! Scaramental Wine Taster for the Church Of WiFi Buy our book: RFID Security "I reject your reality, and substitute my own!" – Adam Savage CoWF WPA Hash Tables |
|
|
|
|
6 Days Ago
|
#14 (permalink) |
|
Dirty Ol' Man
Join Date: Jan 2006
Location: If you find out, let me know!
Posts: 394
|
I think I'll take my EEE PC to the mall with me on my next trip and see what I get there. Will not be able to do GPS as it is fully enclosed but it would be interesting to see how many there are at this mall.
I was standing outside the Apple Store today and picked up 12 Apple's (Mostly Air and iMAC) and 4 phones running bluetooth. I think that would be a good thing to scan at the mall also - what bluetooth devices are running. |
|
|
|
|
6 Days Ago
|
#15 (permalink) | |
|
Cajun from Hell
Join Date: Feb 2005
Location: Capitol City, Louisiana
Posts: 2,895
|
Quote:
This is what I do because I hate to shop, so I sit in the van and scan. Oh and before someone says something. No I have never been questioned by security. I don't look as suspicious as some of you do. Even in a van.
__________________
"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways -Cabernet Sauvignon in one hand - chocolate in the other - body thoroughly used up, totally worn out and screaming "What a ride!!" |
|
|
|
|
|
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
