Discovered and Explored by: Magma / p1asm1c / shadow
Written by: Magma (magma@ghu.ca)
Down on the first floor of Union Station in downtown Toronto you'll
find a few pico like computers (remember pico, the Sega learning toy
from a few years ago?). These computers have been dubbed "web
terminals" which are said to be fancied by digital lifestyle users and
miata-driving-pumpkin-pie-hair-cutted-freaks. In short, tech geeks,
business folk and likely students will find these interesting.
Here is a picture.
They are produced by a company called King Canada, you can visit their
site at www.kingcanada.com. You'll notice that the terminals in Union
are not part of their standard product line. These custom build terminals
are named cc100. Which interestingly enough share the same
name as a chicken control unit. The cc100 terminals are very similar
to your computer at home, only these are rubberized and are Smokey the
Bear approved. The OS of choice is Windows 2000 and have a modified version of IE
running. Most users will likely use them for email and reading the
latest on cnn.com. I know I do. If your smarter than the average bear
you'll be able to use these for more then that such as ssh or whatever
other protocol that floats your boat. One thing that could
lead to major problems for Bell is if someone were to use these terminals
as a launching pad for something unfriendly and stupid. My guess
is that they are hoping that won't happen since there isn't anything
preventing such actions. A
recent incident in the UK has come to light where someone is
harvesting online banking information from kiosks similar to the ones
found at union and other locations. If I were to use email off of one
of these kiosks it would be off of some hotmail account and not
include anything important.
Here are the Ip and Phone numbers for two of the web terminals found in union station.
Downstairs:
IP - 64.229.52.178
Phone # - 416.861.9462
Upstairs:
IP - 64.229.58.77
Phone # - 416.861.1730
Note: there are more than two web terminals found. This is just a sample.
Here is the spec sheet for the Web Terminals found:
15-inch active matrix liquid crystal display,
XVGA (1024 x 768 pixels)
Ruggedized touch screen
Intel Celeron 533 megahertz processor or higher
128 Megabytes RAM standard
6 Gigabytes hard disk standard
128 bit graphic controller
MPEG 2 hardware assist
Camera option for video mail or conferencing
Stereo sound, with volume control
Hardware watchdog
AC power supply
Locking mechanism
Windows 2000 Professional operating system
KINGnet. Terminal client software option
Numerous network interface types:
ADSL, analog, ISDN, voice/data, Ethernet, etc.
Optional keyboard and pointing device
Optional card reader
Optional telephone handset and hook switch
Available options include:
Additional RAM
Card Reader (various types)
Bill Acceptor (various types)
Coin Safe
Payment Management Software
Video Conferencing
Voice over IP
Free Bell Canada wireless access.
Back on December 10th, 2002 there was a press release indicating that
Bell will be piloting a test project that brings several free 802.11b
access points to the Ontario corridor. Two of these access points are
located in union station in downtown Toronto. These two will be the
main focus of this article.
The above picture shows the oversize access point. I think it looks
like something out of Apple = ). The large size over the access point
serves two purposes. Firstly, the wireless "box" contains an access
point, a DSL modem which plugs into an existing Cat III voice and DSL
line that is there for payphone services. Secondly, the large size should get the attention of most Bay
Street types who like everything big. I'm sure over time as these
access points (perhaps using a different protocol) become commonplace
and the technology improves the size will go down. You'll notice that
it doesn't have any ports, card readers or coin slots leading me and
others to believe that when the system goes active as a pay-for-use
product it'll require a credit card to use. If, however, there is a
subscription option those users could pay by other methods. In either
case, users would likely be tracked by a their MAC address, a
user/pass login or both. You'll also notice that some people have crammed coins
between the molding of the access point and the protective plastic. Perhaps to
wish good luck upon wireless technology = ).
Bell is being very vague about what security measures they are going
to be using or are using. WEP isn't enabled for obvious reasons (WEP
is pointless if the service is to be given out). As with Bell's Wireless Access
points these products could be used for something underhanded,
something devious, something as the french would say; bartesque.
There is talk that Bell will be one of the
first companies to roll out with access points that implement Wi-Fi
Protected Access (WPA). Wi-Fi Protected Access uses temporal key
integrity protocol (TKIP) that generates new keys every 10k that is sent
across the network. Whereas WEP only generates one static key.
Here is the IP for one of the access points found.
IP - 67.69.0.58
You'll also notice that on 67.69.0.58 8080 there is a webserver happily chugging along.
Here is also a snip from a kismet scan from shadow's laptop.
The Simple Service Discovery Protocol (SSDP) discovery service:
This service discovers Universal Plug and Play devices on your home network.
Source: 192.168.1.1 00:40:05:bd:c9:01 --> Router
Destination: 239.255.255.250 ff:ff:ff:ff:ff:ff --> Broadcast
Here's the info from the Kismet logs:
Network 2: "BELL-ACCESSZONE" BSSID: "00:0B:46:AA:A1:62"
Type : infrastructure
Info : "None"
Channel : 08
WEP : "No"
Maxrate : 11.0
LLC : 8751
Data : 799
Crypt : 0
Weak : 0
Total : 9550
*** Note: the date and time has been removed since i don't wanna be made from security cameras.
Address found via DHCP 192.168.0.100
To conclude, i'd like to say i'm very happy about such products coming into the public domain.
The services they offer are rather cheap when compared to a phone call considering the resourses used and such.
The upside or downside, depending on which side of the fence your on, is that terminals and access points that are
in such busy areas and do not require ID may lead to some silly antics. Having said that, i'm not gonna say anything
like "terrorist could use these to take over the world....". I'm just saying that with a little luck and a keen eye for
cameras and security goons one could pull off a pretty decent dog and pony show.
EOF
........................... Here are some links.
|