Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Wireless Networking Hardware Your Rights Online

Confessions of a Wi-Fi Thief 849

Posted by CmdrTaco
from the is-that-a-bandwidth-in-your-pocket dept.
Michelle Shildkret from Time wrote in to tell us about a story about "the ethics of stealing Wi-Fi. Many of us been guilty of the same crime at one point or another — according to the article, 53% of us at least. But how guilty do we really feel? As it is officially a crime to steal wi-fi (Title 18, Part 1, Chapter 47 of the United States Code, which covers anybody who 'intentionally accesses a computer without authorization or exceeds authorized access')."
This discussion has been archived. No new comments can be posted.

Confessions of a Wi-Fi Thief

Comments Filter:
  • Not a thief (Score:5, Insightful)

    by xtracto (837672) * on Thursday June 19, 2008 @09:31AM (#23856269) Journal
    "intentionally accesses a computer without authorization or exceeds authorized access")."

    Then, I have never stolen WiFi. I have never accessed without authorization; as I have never cracked a WEP or WPA password scheme.

    Everytime I use an available wireless network, I instruct my computer to ask for permission to connect to the router and enter to the wireless network. And most of the time the router gives me such permit and assigns my router an IP. When it does not happen, then I assume the owner has instructed the router to give permission to specific machines (as in, machines with a specific MAC adddress) and hence I do not use such networks.

    Seriously, someone must create an interface in which a person is able to send the commands manually to the router (like the AT commants in a modem) to ask for connection permission (i.e., DHCP protocol). That way, when you are in court, you could use that program along the court's wifi to show them how you are indeed asking for permission and the software is granting you the permission.

  • I ain't a theif (Score:1, Insightful)

    by Anonymous Coward on Thursday June 19, 2008 @09:34AM (#23856365)
    Since it says intentional, that means the fact that 30-50% of the time I connect to one of my many neighbors routers rather than my own, since I don't plan to do so it ain't stealing. Of course since I have an open policy and allow my neighbors on my wi-fi as well, it means they ain't stealing. We're just sharing what we ought to in a nice neighborly manner.
     
  • by idiot900 (166952) * on Thursday June 19, 2008 @09:35AM (#23856377)

    As it is officially a crime to steal wi-fi (Title 18, Part 1, Chapter 47 of the United States Code, which covers anybody who "intentionally accesses a computer without authorization or exceeds authorized access")."
    Would this apply to an access point which advertises its SSID and doesn't demand credentials from users? I would argue that it authorizes everyone to use it. To draw an analogy, it isn't just leaving your front door unlocked, it's leaving it unlocked and putting up a sign that says "Please come in!". So I don't see how accessing an open access point is a officially a crime.

    But then again, I'm not a lawyer.
  • How Guilty? (Score:5, Insightful)

    by stewbacca (1033764) on Thursday June 19, 2008 @09:38AM (#23856435)
    How guilty do I feel when my computer/phone/whatever connects to a wide-open wifi signal without even prompting me to do anything? How about, "not at all"?
  • Re:Not a thief (Score:5, Insightful)

    by Rinisari (521266) on Thursday June 19, 2008 @09:41AM (#23856509) Homepage Journal
    Exactly the defense that anyone would should use. If the plaintiff says, "Well, I didn't explicitly grant you permission to use my network," then you can fire back, "You did when your router gave me explicit permission by assigning me an IP address and giving me a gateway by which I could access the Internet. Essentially, I asked if I could use the network, and, acting on your behalf since you set it up, it said I could when it gave me the information required to use the network."
  • Re:no theft here (Score:4, Insightful)

    by KingArthur10 (679328) <(arthur.bogard) (at) (gmail.com)> on Thursday June 19, 2008 @09:41AM (#23856513)
    Routers/Access Points are computing devices more sophisticated than the computers of the early 80s.
  • Re:Not a thief (Score:5, Insightful)

    by palegray.net (1195047) <philip.paradis@[ ... t ['pal' in gap]> on Thursday June 19, 2008 @09:42AM (#23856551) Homepage Journal

    Then, I have never stolen WiFi. I have never accessed without authorization; as I have never cracked a WEP or WPA password scheme.
    That's the key to the whole debate. I've had a WiFi router at my home and various offices for years. If I enable features designed to limit access (MAC address checking, WEP/WPA encryption, etc) and someone tries to spoof and/or brute force their way into my network, that's theft of service and unauthorized access. If my router is set up for wide open access, I'm granting permission for anyone to use it.

    In general, laws are designed to work like this: that which is not expressly forbidden is permitted. We're talking about radio waves here; before anyone starts up with some dumb analogy to parked cars and leaving the keys in them, consider this: when you use a resource I have made freely available, you're not denying me access to it. Someone might make the argument that excessive use of my resource would degrade its usefulness to the primary (owning) party, but that's easily remedied using simple protection schemes (either block access entirely, or throttle access to unauthenticated clients). I've done exactly this in numerous cases, using various router packages.

    Here's a sad, but interesting article: Man charged with wireless trespassing [cnn.com] from July of 2005. To quote a section:

    Wireless networks are becoming more prevalent with the spread of broadband Internet access, and many consumers are not aware of how to configure their networks to avoid unauthorized access.
    This man was charged with a felony because the owner of the connection failed to educate himself on how to use a point and click interface to secure a home wireless router. Was he up to no good? Maybe, but we don't know for sure, and it's beside the point. If someone were to use my connection for criminal activities, it becomes my problem to prove it was the third party's actions, and not my own that led to the violation of law. He's "innocent until proven guilty" the same as I am. This is why companies (at least ones that aren't interested in getting sued) track their network access and provide authentication schemes.
  • Re:no theft here (Score:3, Insightful)

    by SQLGuru (980662) on Thursday June 19, 2008 @09:42AM (#23856555) Journal
    If your LinkSys router is running some flavor of Linux, is it not a computer? Even your microwave is a computer.

    In this case, you aren't accessing the computer, you are communicating with it.....you are accessing the NETWORK without (human) permission.....which the law (as stated in the summary) doesn't cover that situation.

    Layne
  • Re:Not a thief (Score:2, Insightful)

    by Cerberus7 (66071) on Thursday June 19, 2008 @09:42AM (#23856559)
    Does the law already consider an open, unencrypted network as implicitly giving permission, or is it written to say that if the person who owns that open, unencrypted network has not given permission then it's illegal?

    What you say makes sense, but I don't expect the law to make sense.
  • by Toe, The (545098) on Thursday June 19, 2008 @09:46AM (#23856647)
    Indeed. I don't know how the law is interpreted, but I cannot imagine how anyone who broadcasts an unencrypted radio signal can complain if someone else picks up that signal. It would be like a TV station claiming that you are stealing their content because you tuned into their channel.

    You could say that a wifi router is different from TV because the activity is two-way: but the wifi router chooses to respond to me. If the owner of the router never bothered to tell their router not to respond to me, then is it my fault that it does? Am I guilty if my computer merely pings their router because it created a response on that router? They are the one who initiated the communication by broadcasting hello packets.
  • Re:Not a thief (Score:5, Insightful)

    by Animaether (411575) on Thursday June 19, 2008 @09:47AM (#23856685) Journal
    "as I have never cracked a WEP or WPA password scheme"
    Have you ever spoofed a MAC address?
    Have you ever connected to an access point that did not broadcast its SSID?
    Have you ever connected to an access point that says "private", "stay out", or otherwise?

    If 'yes' to any of the above; I don't know about the U.S. law, but in The Netherlands you would still be guilty of "computerhuisvredebreuk"; meaning so much as tresspassing on a computer network

    Then again, a great many people seem to think that even WEP encryption is an open invite to use the system, given the easy of cracking it.
  • Re:Not a thief (Score:5, Insightful)

    by Just Some Guy (3352) <kirk+slashdot@strauser.com> on Thursday June 19, 2008 @09:47AM (#23856703) Homepage Journal

    Does the law already consider an open, unencrypted network as implicitly giving permission, or is it written to say that if the person who owns that open, unencrypted network has not given permission then it's illegal?

    How does the law answer the same question about websites?

  • tsoat (Score:5, Insightful)

    by Tsoat (1221796) on Thursday June 19, 2008 @09:48AM (#23856717)
    Encrypt your signal or expect people to use it. It's that simple folks
  • Re:Not a thief (Score:5, Insightful)

    by Alex Belits (437) * on Thursday June 19, 2008 @09:49AM (#23856745) Homepage
    This is US -- we don't have real laws that get updated with precise description of what is and isn't a crime. "The law" is whatever the last time judge decided after hearing a shouting match between two attorneys.
  • Re:Not a thief (Score:5, Insightful)

    by palegray.net (1195047) <philip.paradis@[ ... t ['pal' in gap]> on Thursday June 19, 2008 @09:52AM (#23856829) Homepage Journal
    I've never done any of the things you describe, because I consider them to be highly unethical. In my mind, connecting to an unadvertised resource fails the ethics test because there's no way anyone could reasonably imply that consent was given.

    Those who crack networks by breaking WEP, spoofing keys, or other measures should be held legally accountable. People who merely access an open, advertised resource shouldn't be at risk of going to prison.
  • by Se7enLC (714730) on Thursday June 19, 2008 @09:52AM (#23856833) Homepage Journal
    To extend on that analogy - it's not like the front door of your house, it's like the door of a business.

    An advertised SSID is identifying an available service. Just like a sign that says "bookstore" or "Starbucks" advertises the service available inside.

    When I walk up to the door of the starbucks, I pull on the handle. If it's locked, I assume it's closed and I leave. If it's open, I go inside. Same with a wifi access point. If they have an advertised SSID and don't set a password it's the same as putting up a business sign and having the door unlocked.

    In fact, a number of companies use this exact business model for wireless. Starbucks, TMobile, etc.

    1). Connect to a wireless network without explicit authorization
    2). Open a web browser.
    3). A web page displays asking for credit card payment or other credentials for use.

    On an open network, you're already surfing google before you get to step 3. And if that is committing a crime, so is accessing starbucks wireless.
  • Re:no theft here (Score:4, Insightful)

    by sm62704 (957197) on Thursday June 19, 2008 @09:57AM (#23856945) Journal
    Your subject is correct, the summarry is wrong.

    steal [reference.com]
          Audio Help /stil/ Pronunciation Key - Show Spelled Pronunciation[steel] Pronunciation Key - Show IPA Pronunciation, verb, stole, stolen, stealing, noun
    -verb (used with object)
    1. to take (the property of another or others) without permission or right, esp. secretly or by force: A pickpocket stole his watch.
    2. to appropriate (ideas, credit, words, etc.) without right or acknowledgment.
    3. to take, get, or win insidiously, surreptitiously, subtly, or by chance: He stole my girlfriend.
    4. to move, bring, convey, or put secretly or quietly; smuggle (usually fol. by away, from, in, into, etc.): They stole the bicycle into the bedroom to surprise the child.
    5. Baseball. (of a base runner) to gain (a base) without the help of a walk or batted ball, as by running to it during the delivery of a pitch.
    6. Games. to gain (a point, advantage, etc.) by strategy, chance, or luck.
    7. to gain or seize more than one's share of attention in, as by giving a superior performance: The comedian stole the show.
    -verb (used without object)
    8. to commit or practice theft.
    9. to move, go, or come secretly, quietly, or unobserved: She stole out of the house at midnight.
    10. to pass, happen, etc., imperceptibly, gently, or gradually: The years steal by.
    11. Baseball. (of a base runner) to advance a base without the help of a walk or batted ball.
    -noun
    12. Informal. an act of stealing; theft.
    13. Informal. the thing stolen; booty.
    14. Informal. something acquired at a cost far below its real value; bargain: This dress is a steal at $40.
    15. Baseball. the act of advancing a base by stealing.
    --Idiom16. steal someone's thunder, to appropriate or use another's idea, plan, words, etc.

    Accessing a hotspot without authorization may be a crime, but so is smoking pot. Is smoking marijuana "thieft"?

    You are correct, TFS is wrong. If I steal your truck you don't have access to your truck. If I hide in its bed and ride downtown with you without your knowledge, it may be wrong and it may be illegal but I didn't steal anything.
  • by jbash (784046) on Thursday June 19, 2008 @09:58AM (#23856959)
    I just want to point out that whether it's a crime or not to tap into your neighbor's wi-fi misses the point. Whether it's illegal or not, it is unethical. Here's why:

    1. It puts your neighbor at risk for any illegal activities done by you that get traced to their IP address.

    2. It boosts their bandwidth use higher than it otherwise would have been. Even if this doesn't directly harm them, it causes indirect harm to all the ISP's paying users because they have to subsidize your freeloading.

    If you're stealing wifi right now, do the right thing and pay for it. SOMEONE has to pay for it, and it's not right to have someone else pay for you.
  • by random coward (527722) on Thursday June 19, 2008 @09:59AM (#23856983)
    I thought that law was unenforceable, since the RIAA violates it routinely and it is never enforced against them.
  • Re:Not a thief (Score:3, Insightful)

    by Bandman (86149) <.moc.liamg. .ta. .namdnab.> on Thursday June 19, 2008 @09:59AM (#23856989) Homepage
    I completely agree with your viewpoint.

    I've never been one of those people who feels like an unlocked door is an invitation, but call me old fashioned.
  • by despe666 (802244) on Thursday June 19, 2008 @10:01AM (#23857015)
    Here are a few reasons why this is a bad idea. 1. You are accountable for any illegal activity that happens on your account. Your neighbor may not be tech savvy, but wait until their nephew or grandson shows up and wreaks havoc on Limewire. 2. I assume this is not a problem for you, but by default, security software usually put the LAN in a trusted zone. Malware may spread quickly on a LAN you do not have control over. 3. If one of them discovers the joys of bittorrent, you can kiss your bandwidth limit goodbye (assuming you have one). My wi-fi is protected by WPA and MAC filters. It may not be 100% foolproof (what is anyways?), but it will keep most if not all of the trouble out.
  • Re:Not a thief (Score:3, Insightful)

    by morgan_greywolf (835522) * on Thursday June 19, 2008 @10:02AM (#23857053) Homepage Journal
    Well, I sasked your door permission to open by turning the handle, and when it did, since it was unlocked, I entered your house while you were gone today.

    Since nothing was bolted to your floor, I proceeded to help myself to your TV and associated A/V equipment, your PVR, your Playstation 3, and your Wii. Additionally, your study door similarly allowed me to enter your study, where I noticed some computer equipment that wasn't chained to the desk, so I left with that, too.

    Since your doors granted me permission to enter your house, and they were acting on your behelf since they are on your house, you have no reason to complain.

    Right?
  • Re:Not a thief (Score:4, Insightful)

    by bryce1012 (822567) on Thursday June 19, 2008 @10:03AM (#23857079) Journal
    An excellent point, and it makes me wonder... Could that judge with all the "porn" on his "website" file criminal charges against whomever dug that stuff up? After all, I'm pretty sure he didn't explicity grant them permission.
  • by Jaywalk (94910) on Thursday June 19, 2008 @10:05AM (#23857147) Homepage

    Now, regularly using a neighbor's wireless to avoid needing to pay for your own ISP (unless you have an agreement to split the cost - Of course, the ISPs hate this, but I see no ethical problem with it) or downloading kiddie porn or sucking a large portion of the available bandwidth... That gets into abusive territory, and such people should feel guilty.
    If we're looking for a "legal" definition, these activities (with the exception of the kiddie porn) are unethical rather than illegal. If someone leaves a WAP open with the understanding that others may use it, they're leaving themselves open to others who abuse the privilege. A bit like telling the neighbors they can borrow stuff from the workshed and assuming they'll return it in good condition. Those who abuse the privilege should feel guilty, but they shouldn't be arrested.

    And if the neighbors ain't neighborly, it's time to padlock the workshed.
  • by Just Some Guy (3352) <kirk+slashdot@strauser.com> on Thursday June 19, 2008 @10:06AM (#23857155) Homepage Journal

    Am I guilty if my computer merely pings their router because it created a response on that router? They are the one who initiated the communication by broadcasting hello packets.

    Complicating matters is that certain popular OSes (XP, I'm looking at you) tend to auto-connect to the strongest signal available, no matter how nicely you ask them to stop doing that. If you're closer to your next-door neighbor's WAP than your own, and Windows decides to use his without asking your permission or even telling you, then can you really be considered guilty of anything? And doesn't that mean that the world's largest OS vendor considers "default allow" to be the correct interpretation of WAP etiquette?

    As little as I'm a fan of MS, I think "that's the way Windows does it automatically" would be a pretty good defense against criminal intent, even if a jury disagreed with the legality of the actions themselves.

  • Re:Not a thief (Score:3, Insightful)

    by heckler95 (1140369) on Thursday June 19, 2008 @10:08AM (#23857219)
    No personal offense intended, but if somebody is not knowledgeable enough to figure out how to properly setup the security of a wireless router to match their "desire", as you put it, then one would hope that they would be responsible enough to seek professional assistance, or at the very least, return the router for an easier-to-use model.

    Many of the latest consumer routers actually disable the wireless option at the factory, requiring the user to click through a simple wizard interface and explicitly choose whether to enable or disable security before the radio is turned on.

    How is this any different from setting up a web server on the internet with a published domain name containing sensitive information with no password protection or other authentication? Should anybody who attempts to gain access be imprisoned? I would hope that most reasonable judges would see this deliberate act as implicitly granting permission, even if it is an act of omission.
  • Re:Not a thief (Score:5, Insightful)

    by phoenix.bam! (642635) on Thursday June 19, 2008 @10:10AM (#23857263)
    Bad analogy. I ring your doorbell and a ticket drops from the mail slot that says "You're free to enter the house and watch some tv."
  • by Anonymous Coward on Thursday June 19, 2008 @10:13AM (#23857339)
    but the wifi router chooses to respond to me.

    This is crucial. The Wifi Router is NOT a person. PEOPLE grant authorization to use wireless routers, not routers. So there is an issue of intent here.

    What would you say about these cases?
    1) Person has linksys router, with default SSID, and open access.
    2) Person has router, with SSID 'freeInterButts', and open access.
    3) Person has router, with SSID 'private', and open access.
    4) Person has router, with strong encryption.

    Authorization is only granted BY A PERSON in case 2. Yes, the other cases are common, and 1 and 3 are stupid. I don't dispute that.

    Am I guilty if my computer merely pings their router because it created a response on that router?

    This is pretty interesting. If you think router users should be on the hook for what their routers do automatically, you should be on the hook for what your laptop does automatically. After all, you can configure your laptop to NOT respond to Hellos or initiate SSID lookups (which are initiated client-side).

    Obviously, there is an issue of intent here too.
  • by russotto (537200) on Thursday June 19, 2008 @10:17AM (#23857417) Journal

    The DHCP package you take as an invitation was interpreted by the court as a telecommunication message not intended for the recipient and thus illegal to read.


    Which is insane, as the DHCP reply packet was actually _addressed_ to the recipient. But why should the law be sane? Much easier to start with the conclusion (Guilty, guilty, guilty! Burn the hacker!) and come up with some plausible sounding justification for it.
  • Re:Not a thief (Score:5, Insightful)

    by gurps_npc (621217) on Thursday June 19, 2008 @10:18AM (#23857445) Homepage
    1. The door does not act in your example, the router DOES act. A more accurate analogy would be: I asked your door to open for me AND IT DID OPEN. Not impossible, as many businnssess have doors that automatically open. 2. You had people STEAL things instead of simply enter the house and watch TV. We are describing someone enter the wifi connection and use it to connect to the internet, NOT take other things. Stop trying to ADD real crimes that we are NOT discussing. God, is it THAT hard to pay attention to our points or do you just ignore people that disagree with you and make up vile lies?
  • Re:Not a thief (Score:5, Insightful)

    by Just Some Guy (3352) <kirk+slashdot@strauser.com> on Thursday June 19, 2008 @10:22AM (#23857549) Homepage Journal

    Bad analogy. I ring your doorbell and a ticket drops from the mail slot that says "You're free to enter the house and watch some tv."

    That was even worse. More accurate analogy: you have a loudspeaker shouting "HI! COME IN!" to all passersby. I ring your doorbell, and a key to the house and a nametag pops out of the mail slot.

    Don't want me in your house? Don't advertise free admission then give me a key and a nametag.

  • by GameboyRMH (1153867) <`gameboyrmh' `at' `gmail.com'> on Thursday June 19, 2008 @10:24AM (#23857605) Journal
    You ring the doorbell, a ticket drops from the mail slot that says "You're free to enter the house and watch some TV", and the door swings open for you, and a lighted path to the TV illuminates on the floor. Valuable objects may be in plain view, but messing with them in any way wouldn't be ethical, since they are clearly personal, whereas access to the TV isn't.
  • Re:Not a thief (Score:5, Insightful)

    by Anonymous Coward on Thursday June 19, 2008 @10:25AM (#23857639)
    I liken using somebody's unsecured wireless network to listening to a neighbor's music that they play loud enough for me to hear. I didn't ask my neighbor to send wifi signals into my home.
  • Re:Not a thief (Score:2, Insightful)

    by DoctorDeath (774634) on Thursday June 19, 2008 @10:36AM (#23857889)
    but a router is not a computer, it is an access device to the ISP
  • Re:Not a thief (Score:5, Insightful)

    by McDutchie (151611) on Thursday June 19, 2008 @10:37AM (#23857923) Homepage

    So it's more like entering an unlocked house to take a sip from the faucet. The only crime committed is that you didn't pay for bottled water.

    Except that you didn't enter any house. Your neighbour is transmitting their open-access signal into your own house for you to use. Your analogy is therefore broken.

  • Re:Not a thief (Score:5, Insightful)

    by eebra82 (907996) on Thursday June 19, 2008 @10:39AM (#23857963) Homepage
    I hate the house analogy when used in these debates. What if someone sets up a WiFi zone that covers dozens of apartments? Are you basically saying that there is a house - that you may or may not enter - in my apartment? This is where that analogy fails, because a house is still property. My apartment is, however, my property and what's in it is rightfully mine.

    The WiFi, if not secured, is simply private space because there is no sign that prohibits trespassing. Why the hell should I be a criminal if someone penetrates my apartment with WiFi signals that are not secured by password?

    By breaking through the encryption, you're obviously doing something criminal. But that's something entirely different, too..
  • Re:Not a thief (Score:5, Insightful)

    by xtracto (837672) * on Thursday June 19, 2008 @10:44AM (#23858115) Journal
    If you leave the network, the bandwidth will still be there.

    That could presumably be false if whoever is paying for the service pays for a limit GB/month allowance
  • Re:Not a thief (Score:3, Insightful)

    by XenoPhage (242134) on Thursday June 19, 2008 @10:51AM (#23858255) Homepage
    You know.. if the neighbor is playing loud music, you can complain to the authorities about that... I wonder if the same is true for wifi signals? I realize that the loud music is generally an ordinance thing, but still..

    I wonder if there's a case there for high population areas where there are lots of wifi signals... There are only 14 channels, 3 of which don't overlap... Can you sue for interference? (not that I'm sue happy, just curious..)
  • California law (Score:5, Insightful)

    by BasharTeg (71923) on Thursday June 19, 2008 @11:20AM (#23859023) Homepage
    Just for everyone's entertainment, the california statute that applies is:

    California Penal Code Section 502(c)(3) and 502(c)(7).

    And for all of the idiots stating that the "router" gave them permission, give me a break. The router isn't a legal entity, and only works in the way you interact with it. Just like the door knob.

    I twisted the doorknob (initiated association with the accesspoint), and the doorknob gave me permission to enter by retracting the latch (allowing me to associate and giving me a DHCP lease). The owner of the door could have configured the door differently, by engaging the lock mechanism (using WEP or WPA), so since he didn't I'm free to enter and watch his HBO (use his broadband internet access). I'm not "stealing" from him, because it's not like he has less HBO (internet) now that I've viewed some of his HBO (internet).

    A big part of what a lot of people are missing is, even if you had a point regarding associating with his wireless network because it is open (which you don't), that only gives you authorization to access his LAN. You still have no right to use his paid broadband internet services. You don't have that right, because you aren't paying the ISP, and because the owner of the access point doesn't have the right to share or transfer his right to use his internet service with all of his neighbors, just like I don't have the right to share my HBO programming with all of my neighbors. It's called theft of service. Even if you claim the right to access the wireless owner's network, you certainly do not have permission to access the ISP's network. And even if I run coax down my lawn, and put a coax jack at the end of my property so that people on the sidewalk can screw into it and watch HBO, that doesn't mean I have any right to share my HBO or that you have any right to leech service that you're not paying for.

    Using someone else's wifi is a crime, because you're not just accessing their network, you're accessing their ISP's network without permission. Giving away your wifi by intentionally hosting open access points is very likely a breach of your contract with your ISP.
  • Re:Not a thief (Score:3, Insightful)

    by Spy der Mann (805235) <spydermann.slashdot@nOsPaM.gmail.com> on Thursday June 19, 2008 @11:35AM (#23859353) Homepage Journal
    You're right... because the "intruder" does not take ANY PROPERTY AWAY from the wifi "provider/victim".

    The case of wifi is very particular because the user pays a FIXED FEE. Not even plugging your tv on your neighbor's house would be equivalent.
  • Re:Not a thief (Score:3, Insightful)

    by PFI_Optix (936301) on Thursday June 19, 2008 @11:39AM (#23859437) Journal
    Sure. I found your car key in your house (the door was unlocked, remember) and took it for a drive. I returned it safe and sound, so what's the harm?

    What do you mean you don't have an unlimited gasoline supply? You pay per gallon? What?

    Satellite internet providers will throttle a user down siginificantly if their use exceeds so many GB per month. By using their wireless network, you are consuming bandwidth they pay for and causing them to be throttled when they might not be if you hadn't connected. Not to mention people who actually do pay per MB/GB.

    An unsecure wireless network is NOT an invitation, and negotiating a network connection does not equate implied permission to use the network. Just because you can do something unimpeded does not make it okay. I've seen malfunctioning routers that SHOULD be using encryption fail do to so. The configuration showed encryption as being active, but it worked as an open access point.
  • Re:Not a thief (Score:1, Insightful)

    by wolferz (1173471) on Thursday June 19, 2008 @12:06PM (#23860015)
    ... that is rather ridiculous. Perhaps next you will tell me that, because I left my car door unlocked and the keys in the passenger seat, my car is giving you permission to steal it from me.

    Never mind the obvious stupidity in leaving myself open like that. That's not the issue. The issue is you are saying leaving myself open makes it not stealing. Computers/routers can't give you permission to access them in the legal sense as computers and routers do not have the capacity to reason. They can give you permission to access them no more than the wall of a building can give you permission to paint graffiti on it. They are only doing what they are designed to do based on the original designers intent, not the intent of the owner, and certainly not their own intent since they can't have intent.

    If the router came pre-secured and the owner had intentional removed such protections it could be argued, likely without success, that they were giving every one implied permission to use the device. However, since such devices typically come with all such safeguards turned off and since most users do not understand nor care to understand the implications of such the courts will rule the such permission is not implied.

    The permission you speak of is purely an IT concept and is different from the permission required by the law the same way a bank that you place your money in is different from a bank that helps you maintain speed through a curve on the freeway. One means that access has been granted by one computer to another computer and does not imply that you, the person at the computer, are supposed to have permission to use it, simply that you successfully gained access but not necessarily not authorized access. The other means that you were expressly given permission to use something... and worth noting is that that permission applies even if for some reason you CAN'T access it because of, for example, the inability to authenticate (ie you are authorized but you don't have access).
  • Re:Not a thief (Score:5, Insightful)

    by SeekerDarksteel (896422) on Thursday June 19, 2008 @12:10PM (#23860099)
    An unsecure wireless network is NOT an invitation, and negotiating a network connection does not equate implied permission to use the network.

    Did you check your email this morning? If so, did you call up Google or Yahoo or your ISP or whoever provides it and ask them if you had permission to connect to their server?

    Did you call the person hosting TFA before clicking on the link asking if you had permission to access their server?

    Of course not. That's preposterous. Because the nature of a computer network is DEFAULT ALLOW. If it were not, the internet as we know it today would be impossible. Quite literally, the fact that I _can_ connect to a webserver makes it okay. The fact that I _can_ connect to an SMTP or POP3 server implies I have permission. And the fact that a wireless router grants my laptop an IP address is literally the router saying "Feel free to use me however you want."

    Just because people don't realize this fact doesn't make it any less the case. Otherwise, I could set up a webserver, buy a domain, then sue anyone who connects to my webserver for accessing my computer without my permission. I pay per GB of bandwidth the server uses, how dare you connect to _my_ webserver and use _my_ bandwidth.
  • Re:California law (Score:4, Insightful)

    by SanityInAnarchy (655584) <ninja@slaphack.com> on Thursday June 19, 2008 @12:12PM (#23860147) Journal

    And for all of the idiots stating that the "router" gave them permission, give me a break. The router isn't a legal entity, and only works in the way you interact with it.
    Just like a laptop -- many of which are configured to auto-connect to any open wireless.

    I twisted the doorknob (initiated association with the accesspoint), and the doorknob gave me permission to enter by retracting the latch (allowing me to associate and giving me a DHCP lease).
    Never mind that the doorknob also had a little built-in speaker screaming "Hey everyone! Free stuff in here!" (SSID broadcast.)

    I'm not "stealing" from him, because it's not like he has less HBO (internet) now that I've viewed some of his HBO (internet).
    Except he does. If he's on a metered service, he does have less Internet. Even if he's not, I'd be sucking down bandwidth, possibly lagging him out if he's on at the same time.

    that only gives you authorization to access his LAN. You still have no right to use his paid broadband internet services.
    No, the fact that the same DHCP lease also included information about available gateways and DNS servers, and that the DNS servers responded, and the gateway let me through -- I think that pretty much constitutes an invitation to use his broadband.

    You don't have that right, because you aren't paying the ISP, and because the owner of the access point doesn't have the right to share or transfer his right to use his internet service with all of his neighbors,
    Really? How should I know? Shouldn't that be (again) their responsibility for not sharing their service with me (assuming they don't have that right), rather than my responsibility to ask them (and then their ISP) for permission?

    What if they tell me it's OK? Surely, if I'm visiting someone's house, there's no meaningful difference between them sharing their Internet with my laptop, or inviting me to use their computer.

    For that matter, if SSID broadcast, working DHCP, working DNS, and a working gateway aren't enough to authorize someone, is there any technological means by which I can declare a wireless network to be open and legal?

    just like I don't have the right to share my HBO programming with all of my neighbors.
    As far as I know, it's still legal to throw your own superbowl party -- invite a few friends over to watch TV with you. So your analogy fails.

    Giving away your wifi by intentionally hosting open access points is very likely a breach of your contract with your ISP.
    Then that is between you and your ISP -- not between every random passerby with an iPhone and your ISP.

    Using someone else's wifi is a crime
    You've fallen into the same trap as the MPAA -- I bet you think sharing copyrighted music is a crime?

    Wrong on both counts. When I go to the coffee shops in this town, they have public wifi set up, deliberately, explicitly as free for their customers -- one of them has a sign in the window from their ISP which advertises it.

    And copyrighted music, of course, is entirely legal to share if you have permission of the copyright holder to do so.
  • Re:Not a thief (Score:3, Insightful)

    by PFI_Optix (936301) on Thursday June 19, 2008 @12:30PM (#23860563) Journal

    did you call up Google or Yahoo or your ISP or whoever provides it and ask them if you had permission to connect to their server? Did you call the person hosting TFA before clicking on the link asking if you had permission to access their server?

    Obviously not, any more than I asked permission to enter a store. A web server is a lot different than a WAP in function and in intent. An unlocked door at a business and an unlocked door at a residence are similar.
  • Pedant? (Score:3, Insightful)

    by rodney dill (631059) on Thursday June 19, 2008 @12:30PM (#23860569) Journal
    I thought you were being the Pink Panther...
    Pedant.... Pedant.... pedant.pedant.pedant...
  • Re:Not a thief (Score:5, Insightful)

    by Fast Thick Pants (1081517) <fastthickpants@gma i l . com> on Thursday June 19, 2008 @12:49PM (#23860985)

    Wait wait, better -- you bulk mail out the invitation to "Occupant", but it doesn't include the key. Instead of getting the cars rekeyed, you just have a giant rack of keys, and you hire a guy, Vito Linksysio, to hand out the keys as needed. Now, you *could* give Vito pictures of people who are allowed to borrow the cars, but that's too much trouble. You *could* tell him that people have to know a password to get a car, but that's too much trouble. So you just tell him to hand a key to whoever shows up.

    And even though you've mailed the invitation to the entire zip code, you're still shocked, shocked to find that strangers are borrowing the cars. How forward of them!

  • Re:Not a thief (Score:3, Insightful)

    by cream wobbly (1102689) on Thursday June 19, 2008 @01:05PM (#23861265)
    Alright, try this one.


    Welcome to Open Unsecured Airways!

    You see: a ticket counter, the OUA representative.

    > ask rep for ticket

    The representative eyes you cautiously and say "Hello sir! Where are you flying?"

    > say "New York"

    The representative rolls his eyes and say "Wonderful! May I see your ID please?"

    > give id to rep

    The representative checks over your ID, fiddles with a "machine" and asks you to place any bags on the conveyor belt.

    The representative gives you back your ID.

    > take id

    You already have it.

    > put bag on belt

    Which bag?

    > put all bags on belt

    Sorry, you're wearing it.

    > put all bags on conveyor belt

    You put the blue bag and the heavy bag on the conveyor belt.

    Your luggage disappears around a corner. We hope you see it again.

    The representative says "Thank you" and offers you a boarding pass.

    > take pass

    You take: the boarding pass

    The representative says "Your flight is at gate H12".

    > Go to gate H12

    You walk along the aisles following the signs to concourse H, and end up at gate 12.

    You see: a gangway, a bathroom, a newstand, a coffee stand

    > enter gangway

    You enter the gangway. You are on a plane. There are a limited number of empty seats.

    > sit in empty seat

    You sit. The flight attendants...

    ...etc.

    Yeah, you should be paying for your own seat on that flight, but since they didn't ask for a ticket authorizing you to fly, nor did they ask you to pay, how would their complaints stand up in court?

    That isn't rhetorical: the answer is "When the courts don't fully understand how flight companies normally operate." My hypothetical company is practically giving away flights. Given that it costs barely more to fly a plane with one extra passenger, the company has no real legal course for recompense. Stowaway? Not if you're given a boarding pass on showing your ID. This is exactly the same situation as "stealing a wifi connection"; and you simply cannot call this "stealing a flight".

    And there's the rub: if people stopped calling it "stealing wifi", and instead termed it more precisely "taking an unsecured open wifi connection", the law would, no doubt, take a different view.
  • Re:Not a thief (Score:4, Insightful)

    by HTH NE1 (675604) on Thursday June 19, 2008 @04:16PM (#23864783)

    Now, I don't know about you but I think that is quite reasonable for now. When we all need 5x10^28 addresses each (not to mention the extra addresses each person can get behind a NAT) then there will be a problem.. in the meantime, "5x10^28 IP addresses should be enough for anyone" ;)
    What I mean is that limits should be unreasonably large or else they will prove to be unreasonably small. A reasonable limit will invariably be proven too low. Preferably, limits should be done away with when at all possible, but if they must exist, let them be unreasonably large.

    Reasonable? If every person required one new IP address every millisecond it would still take 1.58444 x 10^18 years to exhaust them.

    And I meant it jokingly here. IMO IPv6 gets it right by setting a very unreasonable (-ly high) limit. But, since you didn't laugh, I have to be serious now.

    With developments today, I wouldn't be surprised if someone finds a reason to consume huge swaths of IP addresses rapidly. Maybe not by assigning every RFID tag a unique IPv6 address, but who knows how many may actually be in a single product. Or maybe, taking your figure of 5x10^28 IP addresses per person, that's a big address space in which to randomly route packets to prevent their reassembly by an outside party. You may just have to do that to protect your privacy against the ubiquitous microscopic self-replicating cameras floating around everywhere like grains of dust, each with their own IP addresses as well.

    There's another phrase, I think it goes, "Programs will expand to fill available memory." If you give a huge space for IP addresses, expect IP assignments to grow to fill that address space. Even to waste it by doing sparse allocation.

    There are programmers out there today that think not consuming a processor 100% all the time is a waste of processing power, so they write wastefully inefficient code all the time to utilize the processor all the time, ignoring the needs of other concurrent proceses.
  • Re:Not a thief (Score:4, Insightful)

    by mr_matticus (928346) on Thursday June 19, 2008 @04:45PM (#23865227)
    The hell they aren't!

    During business hours, you're a business invitee to the property. You have tacit permission to enter, but the owner can still ask you to leave.

    There is no such license to enter private property. If the owner hasn't expressly authorized your presence, you're trespassing.

    The only way these are similar is that if you use an unsecured wifi network, you must take responsibility for the fact that you may be trespassing. Locked or unlocked, it's still their network. You don't get to enter the house just because the door's open. And before anyone complains about "unsolicited radio waves"--guess what? Radio waves aren't actionable as a nuisance, nor are scents (apart from those indicative of health code violations), nor are the damn photons flying into your eyes. If you want to be certain you're not doing anything improper, seek permission and don't use unsecured networks unless you know you've been authorized. Otherwise, you bear the risk of being at fault for unauthorized access, just like when you go berrypicking in the woods.

Man must shape his tools lest they shape him. -- Arthur R. Miller

Working...