Police say Benjamin Smith III, 41, used his Acer brand laptop to hack into Dinon's wireless Internet network.
Yeah, because we all know how much "hacking" is required to use wide open WiFi connections.
Also, the poor guy admitted to using the connection too (unauthorized access to a computer network, which is a third degree felony according to the article). Now, if he would have just asked for a lawyer and then shut up, he probably would have gotten off with just a warning.
Right now you're accessing network that you have no received permission to access. Guarenteed. How can I possibly know? Well heck, you're posting on Slashdot. The whole concept of the Internet is based around a default policy of openness. It is assumed that we have permission to access anything connected to the Internet and that assumption is only revoked by layering an authentication system on top. These people who buy a wireless router, connect it to their network, don't even bother to turn on the a
That is an interesting point that you've brought up.
It is completely opposite way of thought than how American's have previously thought about property. For example how many of you grew up and left doors unlocked to your house or car all the time. I for one never locked my car doors at home nor the front door to my house. It is your private property and you never expect anyone who wasn't welcome to break those boundries, but we have welcomed the Internet with it's complete opposite point of view.
I wonder if this same ideal is why people don't bother securing wireless even when most have some grasp of the reprocutions of not securing their wireless.
...It is your private property and you never expect anyone who wasn't welcome to break those boundries, but we have welcomed the Internet with it's complete opposite point of view...
The difference here is it's wireless. It uses *PUBLIC* airspace/radio frequencies. That's the same line of reasoning the Supreme Court used with regards to the creation of the FCC.
"...It is your private property and you never expect anyone who wasn't welcome to break those boundries, but we have welcomed the Internet with it's complete opposite point of view..."
"The difference here is it's wireless. It uses *PUBLIC* airspace/radio frequencies. That's the same line of reasoning the Supreme Court used with regards to the creation of the FCC."
It's even more than that. The wireless router received a standard, "can I have legitimate credentials on this network?" request in the form of a DHCP lease request. The wireless router replied with valid credentials for that network. The user did not make any malformed requests, did not use any information that he should not have rightfully posessed, and in no way forced his way into the network.
He also properly followed FCC rules regarding the use of wireless equipment.
If the owner of a wireless transceiver, a radio if you will, doesn't want to let that device communicate then they bear the burden of making it not communicate. If they leave it in a mode that allows any public access over frequencies that belong to the public-at-large then they bear the responsibility.
I'd like to see the ARRL and the FCC get involved in this, even though the odds are against this guy having any official licensing from the FCC.
The fact that his computer probably took advantage of the signal by default, that he did not elect to use that signal, the computer just finds it does all the work behind the scenes, should be enough to get him off. The computer is sending data and "accessing" it without express authorization whether the user tells it to or not. It would be like walking down the street and automatically appearing in each unlocked house you did not elect not to enter (to add another metaphor to the flurry).
"It's even more than that. The wireless router received a standard, "can I have legitimate credentials on this network?" request in the form of a DHCP lease request."
Yes, and the real culprit here is the device manufacturers who ship these devices with default open policies to make it easier to just plug and go without knowing anything and without having to configure them on initial setup.
To drive around looking for connections to open wireless access points is called wardriving. In Canada, people who are caught doing this can be arrested for stealing bandwidth. The legality of this practice in the U.S., however, is a bit hazy, and there are many mitigating factors. One is that several organizations deliberately leave access points unencrypted so that people can use them as necessary. Also, many computers with built-in wireless simply grab the first signal they detect. Then there's the trespassing issue: The wardriver isn't trespassing on the router, the router is trespassing on the wardriver's airspace.
Free Access
This issue was brought home to me recently when one of my laptops told me it was ready to install new Windows XP upgrades, even though the laptop was not on a network and my wireless access point was off-line. I discovered that a neighbor's wireless router, named "default," had provided the access. Using my Toshiba's View Wireless Connections option, I saw five nearby networks that I could grab, three of which were unencrypted. Obviously there's plenty of free access around for harried travelers. It seems to me that being able to download your e-mail at an open connection is a good thing.
Look into the legality of this, though, and you hear vague comments like "The FBI doesn't know how legal it is" or "It may be illegal, because you're using someone else's connection or you're spying on their network." This issue will create ridiculous legal problems, which is bad news for both consumers and law enforcement, unless a sensible, national policy can be developed.
Personal and Corporate Responsibility
Let me jump in and propose a simple, logical public policy. Law enforcement doesn't need to get involved whenever some guy in a doughnut shop poaches a nearby Wi-Fi connection to check his e-mail, thinking he's on the shop's network. This shouldn't be a crime, even if he's intentionally poaching. We must put the burden of responsibility on the broadcaster, not the end user. It has to be made clear that people sending open connections all over town should be responsible for them.
Here's what I propose: Once a wireless signal leaves private property, it becomes public domain. If the person transmitting the signal wants it protected, then encryption is up to him or her. If someone beams an Internet connection into my home and I happen to lock onto the signal, he is trespassing on me, not the other way around. Public policy must reflect this logic. Keep it out of my house if you don't want me using it. Keep it out of my car. Keep it away from me in public places.
The Public Interest
This policy makes sense because it lets anyone who wants to provide open access do so without hassle or fear. Groups in San Francisco and Seattle are openly promoting free 802.11 connectivity. Many coffee shops, restaurants, and community groups now provide free wireless access, and directories of these hot spots are easy to find online.
This ubiquity of access is to be encouraged as in the public interest. But it can't happen if the law doesn't make the person transmitting the 802.11 signal responsible, instead of blaming any roaming users who are simply grabbing open connections. If this means that a corporate network is wide open to hackers, because the company doesn't bother encrypting the signal it broadcasts all over town, then so be it.
We must not follow the Canadian model that views using unprotected 802.11 connections as bandwidth theft. My computer grabs wireless signals impinging on my house more often than it grabs my own 802.11 connection. It just does. Agencies shouldn't be required to sort this out; it would be a law enforcement nightmare. In fact, it's
First, I agree with the Metered v. Unmetered argument put forth by another replier. Second, sure go ahead, if you can. When I lived in dorms and apartments, I specifically never used a cordless phone (though I did have a cell phone, but that's worlds harder to fake a call from), just because I knew the broadcast area extended beyond the bounds of my dwelling, and I didn't want people listening in unrestricted, much less placing unauthorized calls. Now at my house, I have a consumer-grade cordless phone that
If the owner of a wireless transceiver, a radio if you will, doesn't want to let that device communicate then they bear the burden of making it not communicate. If they leave it in a mode that allows any public access over frequencies that belong to the public-at-large then they bear the responsibility.
Are you smoking super double-stupid crack today? If any entity, from a police department to a mall cleaning crew, has a radio system then the public isn't free to just use it. That's punishable by law.
If any entity, from a police department to a mall cleaning crew, has a radio system then the public isn't free to just use it
Depends what you mean by "use it". If the device in question was operating on an open frequency, I can't imagine that sending signals to the device, or receiving signals back from it, would be illegal.
Even ham radio repeaters can be "closed" and then if people access them without permission it's intentional interference and can result in fines.
The public is absolutely free to listen in on private systems (except for cellular) but not free to transmit on it. This is because of FCC regs, not because of some twisted interpretation of property law. Besides, we're talking Part 15 stuff when talking about Wi-Fi, so it's not a good analogy anyway. You generally can't transmit on a frequency you're not licensed to except in case of emergency, but that's not the case with Part 15 devices. In fact, one could argue that the owner of the open access point is the one at fault, since Part 15 clearly puts responsibility for preventing interference with the owner of the device, and I'd consider it interference if your neighbor's AP is putting our a signal strong enough to cause your wireless card to connect to it instead of your own AP.
Closed repeaters are also not a good analogy, as they occupy a gray area in the FCC regs, and have been controversial for some time. There are private property arguments, but I personally believe they're overshadowed by the fact that such repeaters are operated on publicly available bandwidth and thus there is no reasonably expectation of privacy or exclusivity of use. I've never heard of anyone being fined for intentional interference for using a closed repeater. The FCC regs clearly state that amateur frequencies cannot be used exclusively by any station, so for those that want a private network, go apply to the FCC for a frequency to run it on just like your local police department or Wendy's did. Besides, most operators of private repeaters do attempt to set some kind of access control using CTCSS tones, so once again the analogy just doesn't hold up.
You are a little mis informed. Police departments have set freqs and licenses granted by the FCC. Mall cleaning crews are likely to be using open airways as defined by the FCC. Open airways are free to transmit on (within certain guidelines, i.e. power level, bandwith) without a license. WIFI falls into this free airspace or the license is granted to the WIFI manufacturer not sure which, hence you don't need a license to check your email.
No, I'm not misinformed. What's an "open airway"? No such thing. MURS is indeed license-free and used by businesses, but ever local mall around here has a valid FCC license for at least one repeater with multiple "mobile" stations.
It's even more than that. The wireless router received a standard, "can I have legitimate credentials on this network?" request in the form of a DHCP lease request.
I hope this guy uses this argument and the jury/judge can understand it as this is the key. You can't access a network without being given permission and that permission is usually giving by some automated process.
The current situation in most (all?) western countries is that the legal system is walking after the facts when it comes to matters relating to computers, networking, etc. . This makes the more technologically aware part of the population quickly lose all faith in their legal system.
It also makes the world a more dangerous place to live in as such technologies become a more important part of our society: police, courts and similar institutions seem to regard any sufficiently advanced technology as a magical, unpredictable black box, and as such make essentially random decisions on what they will do about it. Court cases are no longer centered around using facts to convince the jury of the truth, but around trying to create in the minds of those concerned an arbitrary but believable idea of what the technology does.
It shouldn't be too hard to imagine how big this problem can become in the long term.
this discussion has just got me wondering. if i encounter a private network, what protocol exists for me to request temporary access? when i configure my airport base-station there are fields for my contact details. why don't the client softwares add a simple "hi, i'm dave. i've just moved into the building and have not got my network set up yet, do you mind if i use yours? i'm in flat 21 pop over and say hi." if i got a message from my base-station telling me my new neighbour needed access, i'd almost
It's like this: even if you don't lock your door, you still have a right to be mad when you walk inside and find someone eating the cookies in your kitchen. On the other hand, if you don't build a fence, you can't get mad when the neighbor walks his dog and it pees on your grass.
It's the same thing with Wifi: you have every right to be pissed off if someone tries to get stuff off of your computer, even if you're dumbass fault that they were able to. On the other hand, if someone is using your bandwidth, it might be sort of annoying to you, but unless you take steps to put a stop to it, it's your fault they're doing it.
The fact is, for most broadband connections, unless the person is file sharing or using VOIP, it's no skin off your nose that they're doing it. If for some reason, it bothers you to be neighborly, the onus is on you to secure your stuff.
I don't think the open doors analogy is fit. What you are getting is not a property, is a service.
When using network sockets, there are well documented protocols being used.
So the client computer is basically saying to the server, or wireless router: can I connect? and the server replies: sure, go ahead
It would be the same thing if a bartender gave drinks for free because he wasn't trained in asking for money in exchange. Would the customers be liable of theft if they took advantage of this?
Or it's like this: Someone bought a wireless router to share his internet connection at home with the rest of his family, but he didn't bother to setup any security.
Then someone outside of the house connects to the wireless router to use the internet connection, without the owner of the router knowing or approving this.
No, it's actually quite easy to explain. Quick powerpoint slide show of the handshake involved. Show the secured one, and the open one. One says 'you have permission, proceed'. The other says 'you are not allowed'
Pretty simple. The process _directly_ translates to an in person conversation that everyone can easily understand.
It's more like sitting on the sidewalk outside someone's house at night. Their porch light is on and you're reading a book by that light.
I like your analogy, but I disagree. It is more like running a splitter and a cable and stealing your neighbors cable TV. Or running an extension cord to a backyard outlet and stealing power. Or perhaps a cordless phone. People accept that they have to pay for electricity, phone, but the internet should be free? why?
I like your analogy, but I disagree. It is more like running a splitter and a cable and stealing your neighbors cable TV. Or running an extension cord to a backyard outlet and stealing power. Or perhaps a cordless phone. People accept that they have to pay for electricity, phone, but the internet should be free? why?
Because I do not have to set foot on your property, or touch your property, to use your WAP, unlike tapping into your cable. Not only that, but if I am your neighbor (or even a passerby on t
If someone logs on to that unsecured network and steals a paypal password and empties the bank account, can they say, "What? The network was unsecure, I thought it was my money!"
No, because they accessed an account they did not own and took money out of it. They had to enter somebody else's username, somebody else's password, and transfer money from that account into their own. I'm pretty sure somewhere on the PayPal page (probably in fine print, mind you), it mentions that accessing the accounts of o
It is more like running a splitter and a cable and stealing your neighbors cable TV.
This is a close comparison, but ignores the fact that you need to physically trespass in order to accomplish it.
Or running an extension cord to a backyard outlet and stealing power.
Again, requires physical access, but also costs the neighbour money in a higher electrical bill, so it's not the same thing.
Or perhaps a cordless phone.
Even assuming that you don't use long distance, you're depriving the owner of the service, since he can't use the phone while you do.
Some other situations might be:
Running a movie or pay per view on your big screen tv which is visible from the street. Is someone walking by who happens to see the movie stealing from you? If you set up a viewing area in your front lawn and allow people to watch it from the street, are they guilty of CI, or are you?
If you play music in your house loud enough to be heard from the street, is someone who hears it doing anything wrong? What if, instead of casually hearing it, they sit on the curb in front of your house?
The critical fact here is that the wardriver is in a public area. By broadcasting your wi-fi signal into that public area, and not blocking public access (tacitly giving permission, thusly,) I think that it can be argued that you're providing a public service.
If a satellite company beams an unencrypted signal onto my property, I believe that I'm within my rights to watch it. If they encrypt said signal, on the other hand, I do not believe that I have the right to break it.
Same thing applies here, I think. If you take no measures to ensure the security of your network, once it leaves your property, it's fair game. Because the measures required are fairly insignificant, the burden should be on the wi-fi owner to lock things down, rather than on the wi-fi user to ensure that he's not impinging on someone's network.
It's only like your analogy if you split the cable yourself and ran the extra end out to your neighbor for him, whether you intend them to use it or not.
As others have mentioned, the WAP gives PERMISSION to connect, unless it is configured NOT to. There is no hacking or cracking involved, which would be analogous to running a cable splitter.
And from the other side, if one finds a WAP signal, and it's open, how is one supposed to know that it's not there _for_ public use? Hmm? It gives you permission to co
OK then. Neighbor would be stealing cable. Not from you however, but from the cable co.
Still entirely different from the issue at hand. Cable connections do not do authentication, whereas WAP does. If yo can successfully connect to a WAP, it has _explicitly_ given you permission. Big difference from the cable analogy.
Actually, being a wireless transmission makes all the difference. The router is allowing the person access from outside their house. The key word is allowing. Sure, the owner may not be giving the express permission to use the network, but by leaving the default settings there, they are allowing the router to give permission to anyone that wants access.
I find your cable/power analogy good, except for one thing. The person taking the bandwidth isn't doing anything to take it. It would be more along the li
It is more like running a splitter and a cable and stealing your neighbors cable TV.
Morally, I agree, it's the same thing. Legally, it's much different though, as the cable companies have convinced the government to pass laws protecting them, and cable television is usually copyrighted, whereas internet traffic may or may not be (and usually the receiver has permission to access that content).
Or running an extension cord to a backyard outlet and stealing power.
But you don't have to enter their house or anything. It's like using a plug on the outside wall, or something. As for why the internet should be free, it's because it doesn't really cost anything. All you connect to is other people's servers. If I'm serving web pages on my system, and getting pages from other people's systems, why should any of us have to pay? The only thing that costs is the links between us, but often they're maintained for everyone by universities or similar. That's how it started anyway
that might be a better analogy - its like using your neighbors garden hose to water your lawn. Afterall, the tap is not locked. Likewise the cost of the 'service' is similar and you using some one day for your lawn is not likely to be noticed.
No, it's more like if your neighbour has a sprinkler going that's spraying out on to the pavement, or part of your garden, or whatever, and you move some potted plants so they catch some of the water.
After all, using the hose deprives them of the ability to use it (while you're using it), and most likely requires that you go and get it and turn the supply on; none of those things are the case in using someone else's wifi connection. (Unless you saturate their bandwidth, in which case they'd have trouble us
If they placed their garden hose on MY lawn, with a note on it saying: "you can use this if you want". Then I'll go ahead and use it.
Same thing with WiFi. For some reason, the default behaviour is an open network, which reaches my house and quite explicitly tels me I can use it.
If all garden hoses came by default with a sign that lets others use it and a system that puts itself on others' lawns, will you still say it's wrong to use it???
No, it's not like that at all. That involves physical access (trespassing) and theft (water, which is charged for by how much you use).
It's like having a sign over your tap that says 'You have permission to use this tap'. So you do. Then the owner comes out and says just because the sign says so doesn't mean I did.
Beating a dead horse, but, if you don't secure your WAP, you are granting permission for others to connect. Period.
actually while your splitting hairs I think your may be overlooking a few things. When the light from your porch strikes the person reading some of that light bounces back to the porch make the porch even brighter. If the light wasnt bouncing backing back towards the porch where we will place our observer you wouldn't be able to see the person reading from the porch. Assuming the goal of turning the light on was the illumnate the porch then the person reading by the sidewalk is slightly increasing effien
So this guy is walking down the street, his stomach grumbling with hunger. In a row of a shops to the right he spots what looks like it might be a sandwich shop, but he can't tell. There's a sign with no writing up and no hours on the door.
He walks in, and sure enough, there's a "make table" with all the goodies someone could possible want for a sandwich. Oddly though, there's nobody in sight, and no cash register! Hell, not even a tip jar to be seen. He scans the room for a price marquee, or any in
Except in this case a request for a connection was made and answered in the afirmative.
It's more like finding a vending machine with no prices on anything, but has one of those little lcd things on it so you push a button for a candy bar to see how much in lcd. Only it gives you the candybar and the screen just flashes 'thank you, come again'. Then you get arrested for stealing after taking a few more.
I will however point out that BOTH analogies are pretty shitty.
In this case the man parked outsi
Your sandwich shop story made even less sense than the "Microsoft program" analogy the original story had. Could you please state your arguments in terms of the facts we have, and the law we have, rather than inventing different facts that don't even apply to the same law?
I sure hope the guy has a good lawyer. He's going to find himself in a world if hurt if the trial comes down to whether the judge likes the prosecutor's analogy or the defense's analogy better.
So this guy in your story basically goes through the first door that happens to be open. It doesn't look like a shop, it doesn't have a price list, it doesn't have a shopkeeper, and generally there's _nothing_ whatsoever that would imply that it's a shop. Could just be someone's home, or it could be that some people were having a party there later and had brought the food in advance. Yet he just assumes that he's allowed to help himself to whatever is there.
Your example is a little off.[br]
[i]Yet he just assumes that he's allowed to help himself to whatever is there.[/i][br]
There is nothing missing here. It's as if the guy strolled into your house, enjoyed the AC (assuming it's summer) for a while, then left without touching anything.[br]
While I agree that I would not want him in my house enjoying the AC, the law is quite clear that if you gave no notice that he was not allowed in, that he is not tresspassing. If there was any notice, if he even had to open
But the WiFi network publishes itself and tells you to come in.
What if someone bought a 1-click inflatable restaurant for his family. He opens the restaurant, with flashing lights saying: "This is a restaurant!!!!" A person comes by the shop, and asks: "Is this restaurant free???" The inflatable waiter says: "Sure! Come in and eat". The person comes in and eats, leaves and gets arrested for theft.
Regardless if the person went around looking for free restaurants, is it really that wrong for him to go and get h
What if I want to provide an open access point? What if a business (like Panera Bread) wants to provide one? Don't they just set it up and let people use it without explicit permission given? I know you can look up all their location on the net, so it's sort of advertised, but if you use their network are you notified that its OK? The default being promoted seems to be that if it's open you may use it.
There is a reason to think that too. If you need someones OK to use their network, how exactly are you su
The same he does for any physical property, don't assume that it's his for the taking. Presume that it is someone else's property and that they will be pissed when you take it.
This is something your parents should have taught you before you could walk.
His shouts of "Helloooo, anyone here?" go unanswered. Finally, he peeks around the establishment looking for any sign of vendor life. None. His stomach of course couldn't care less of this odd situation, and continues to complain with increasing annoyance....
So... you're suggesting that this fellow approached the people who had the wireless network (knocked on the door, sent them an email, ???) and requested the use of it, but got no response? Is that why he snapped the laptop shut when he was spotted
Richard Dinon saw the laptop's muted glow through the rear window of the SUV parked outside his home. He walked closer and noticed a man inside. Then the man noticed Dinon and snapped his computer shut...An hour later...The Chevy Blazer was still there, the man furtively hunched over his computer.
So, instead, this man walked into the shop, made the sandwich and had a bite. The owner of the place suddenly saw him in the security camera, came out, tore the sandwich from his hands, and b
But when the apple tree hangs over your yard, nobody would sue you for making apple pie from the apples above your yard.
Well, nobody reasonable.
If the WiFi is broadcasting into my home, you'd better believe I'm gonna use it.
But if the apple tree is netted, or the neighbor comes over and says "hey, those apples are mine - please let me come over and gather them up", we're talking about something altogether different.
If the WiFi is broadcasting into my home, it is reducing my ability to use the bandwidth myself, secured or not.
And if the neighbor says "hey, those apples are mine - please let me come over and gather them up", my response would be "Okay. Don't forget to rake up the leaves that fall on my side this autumn too then".
If the WiFi is broadcasting into my home, it is reducing my ability to use the bandwidth myself, secured or not.
Take that up with the FCC. You can't do much about your neighbors tree that does NOT hang over your yard, but which blocks your sun/view. At least not in this neighborhood. If you want a clear view, you should take up the issue with the FCC and demand that nobody be able to use WiFi that [may] interfere with their neighbor's. But that would suck, so we have the rules we have (which may also
Right - the point is that you start a conversation and hopefully arrive at a reasonable conclusion. Like how about I pitch in some and another neighbor pitches in some, and we all get more bandwidth than any of us would have had individually.
Heh - actually, it was a pecan tree. And when I pointed out that the only reason the pecans remained on my side to pick up was my dog roving free in the yard, a board was removed to let her roam in both yards, and ultimately I received an additional bag of pecans as
I know this is a tad off topic but last spring when I was house-hunting I found this great place that had a whole row of apple trees on one boundary - overhanging the neighbours. Even though the place was about £30K over my budget and didnt really have enough room I still wanted it just so I could have apple trees overhanging my neighbours so that every day Id have to wake up and think 'will I be a dick about my apples today'.
I found this great place that had a whole row of apple trees on one boundary - overhanging the neighbours. Even though the place was about £30K over my budget and didnt really have enough room I still wanted it just so I could have apple trees overhanging my neighbours so that every day Id have to wake up and think 'will I be a dick about my apples today'.
It may vary by jurisdiction, but around here, the portion of the tree overhanging a neighbors property is the neighbors. So if your apple tree ove
the construction of virtual space is vastly more complicated than a cookies in your home analogy can deal with. Particularly when the question needs physical and virtual space to overlap, as in the case of leeching wifi from a neighbor, or random stranger's house. Its really more like if you had a servant, with a plate of cookies, walking beside every person to walk by your house. All they have to do is reach out and take one. You havent told them not to. You're making it so easy to take a cookie that you
Entering your property, locked or unlocked, without permission is called trespass. That's a crime. Taking your property, locked or unlocked, without permission is called burglary. That's a crime.
Even if your front door is wide open and you're out of town for two weeks, there is the rather justified assumption that rational people know the difference between the great outdoors and a building.
Technical arguments about networks very likely will not caryy weight in court. Specifically, arguments that it i
Entering your property, locked or unlocked, without permission is called trespass. That's a crime.
Very correct, but when entering a public place like a shopping mall, one assumes implicit permission to come onto the owners' property and avail themselves of the facilities within. The owners are of course free to ask you to leave and have you prosecuted for trespassing if you don't, but the initial assumption is that you are welcome there. Facilities that are open to the public are generally assumed to
Why would you be "neighborly" though? Your network traffic would be in an openly sniffable situation.
The "theft of service" doesn't directly hurt you, but it is the kind of thing that makes rolling out improved internet service less worthwhile because that bandwidth is expensive.
Yes, but as a previous poster stated. When it comes to wireless bandwidth, and the internet in general permission has to be revoked. I can't just say, "You're not allowed to visit this website" and put no password or protections on it. Then prosecute everyone who enters my website. Now of course if they pass that special boundary, and attempt to alter my website, that may be a different story. Same as with the wireless, say I was using a walki-talki and someone kept on breaking into my conversations. As lon
Most of your counterexamples do involve actual costs imposed on the person being taken advantage of...gas out of my car, wear and tear on my car, the possibility that my garbage could be full and I'd be charged and extra-bag fee, the electricity needed to cool down the pepsi (yes, the fridge would use more to do so), or even the inconvenience of having you in my home. Using an unsecured WAP incurs none of these, unless you pay for bandwidth (rather than flat-rate).
The analogy is false, though, because you're broadcasting your property... All of your analogies imply clear boundary conditions, such as property edges, doors, using someone else's computer, etc. But if you put up an unsecured wireless network which you setup of sufficient strength to permeate your neighbor's property, the boundaries are very different.
If you have a wireless stereo system, which broadcasts to your speakers, and your neighbor picks it up, it's not "stealing" your music if they listen. If you want to share photos with your family and you put up an unsecured internet site, it's not stealing if non-family members visit and download your photos.
The fact of the matter is you've setup a broadcasting network through a section of your neighborhood. Congratulations, you're now a broadcaster. All operating systems will automatically connect with your network (...maybe not BSD). If you had a problem with this, you can very simply turn on WEP.
Which is how the internet works. Everything is assumed public until you put on the slightest bit of security. That's the convention. If you visit a website and they don't authenticate, it's assumed public. If someone sends you a link to a streaming movie and it doesn't ask for a password, it's assumed public. By practical definitions, it is public. We're not talking about bolting on an iron-clad Novell authentication system, we're talking about changing one preference in your network configuration settings.
You bought a piece of land next to a public field, and you didn't put up a fence or any demarkations. People will wander into and out of the field as if it were part of the commons. There is no practical way to ask whose field / network it is, nor any reason to see to ask. By not marking it as private, you have used the conventional method of marking it as public.
Would someone make their network public? Lots of people do it intentionally. In my apartment, I generally see no fewer than 10 or so wireless networks. Of those, half or so are unsecured. There's usually one or two that has the default router name (Linksys, etc). But most have changed their name to something else, which means that the people involved knew enough to go through the setup process and decided to leave their network open to everyone. Why? Mostly it's a desire to share and be neighborly. Oddly enough, the ISP up the street does the same thing. Lots of the businesses have open wireless access in an attempt to get people to come in with their laptops and drink coffee while doing work.
Of course, there are tradeoffs involved all around. Your wireless network is fucking up my other wireless equipment and using the available spectrum in my house. My wireless phones and other devices are using the same unlicensed spectrum, but are now competing with your bloody web surfing to be heard. I accept that you're going to have a wireless network, because those things are useful. And if you decide not to secure it and make it public, it's on me (and all of the other users) to be good citizens and not saturate your upstream by sharing on P2P apps all the time, or queueing up weeks worth of downloads. If you do decide to secure your network, it's neighborly of us to respect those boundaries and not packet hack it, despite WEP's inherent vulnerabilities. It's also neighborly to broadcast your SSID and channel, because in high density areas the difficulties involved in keeping people's networks from stepping on eachother is far greater than the minimal security provided by not broadcasting your SSID.
You marked your network as public, and now you're complaining that it's not private. Fine. Flip the fucking switch so that we know that it's private.
It's not a matter of one person trespassing on the service of another person, but rather of the recording of phone conversations, which bears on the whole "hey, you became a broadcaster of your own free will" thing. In the days of analog cordless phones it used to be common that cordless phones could be heard faintly on neighbors' handsets or baby monitors, or with radio scanners.
Now, consider that anyone having conversations of an even vaguely secretive nature - that is, conversations they wouldn't want
- come over and dump my garbage into your bin (hey, you probably didn't use all that space in it anyway), or
Happens quite frequently to me. On the night I set out my garbage pail, some dog-walkers will deposit doo-bags. Quite honestly, as long as the bags don't break, it's no big deal. I pay a fixed rate for trash, and all my neighbors pay the same rate. It's not keeping my trash out of the bin.
- build a billboard on your front lawn (why do you care about a few dollars less property value if you a
The difference between WiFi and the car/house analogy is that a WiFi hotspot broadcasts its information, inviting connections. There is no "breaking in" involved. If there was a house that had a sign in front saying "Open House Today" with the door open, you are welcome to enter legally, as it's an open house. Haven't people ever been to these in neighborhoods before? This is equivalent to an open WiFi access point.
In a lot of cases, though, your wifi "Open House" sign is not there because the house owner wants to invite any random stranger in to look around. It's there because he bought a piece of equipment that effectively installed its own "Open House" sign.
Well, suppose someone buys a sign that says "Open House" on it and it gets accidentally put out in front of their house. If someone walked in to see the house, do you think they'd get prosecuted? Nope.
"It's there because he bought a piece of equipment that effectively installed its own "Open House" sign."
A point I made earlier (in me reading.) So bring the device maker up on charges for wrongfully installing the open house sign, not the person so saw the sign and walked in to the open house innocently.
With Wifi using radio spectrum, it's a necessary part of its operation that requires that it transmit its existance so that authorized nodes can connect to it.
Mine works just fine with SSID broadcast turned off. Authorized nodes should already know of the existence of the AP, and I'd argue that the entire point of SSID broadcast was to make it easy for wireless nodes to find an AP that they didn't already know about. Under the informal rules the Internet operates under, if you jump up and down yelling
I don't think it's anything like that to be quite honest, and I think the technical analogies are way off. For example, those arguing that the WAP "invited access" might just as well argue that an unlocked door "invites access" ("But, your honour! The door handle turned when my hand made a request to enter, responding by opening the door. I was clearly invited in")
Not really. Turning the handle is like testing the security of the system. If it is locked, you could be said to be attemping to force entry
I was just fine-tuning the analogies being used here and have one of my own that's a little closer to the point.
Imagine your neighbor has a TV going loudly - he has cable TV and you do not. You hear a show playing you've been meaning to see. You yell over the fence, "mind if I come over and watch that show?" The neighbor's butler yells back, "Sure, come around through the gate.". You go over, sit down and enjoy the show. After the show is over, the owner shows up, and is PISSED because you are there.
The neighbor has not lost any property, but has been denied payment for a service he has performed. (providing you with entertainment) Unfortunately for the neighbor, you were allowed free access to the entertainment indirectly by the neighbor. The neighbor has no legal grounds against you because you were acting with permission of an agent of the neighbor. (the butler)
This is very similar to the issue of open access points. The wireless router being the butler that's been told to allow anyone that asks to be given free internet access. Just because you get upset that the currentl policy of your own access point bothers you does not give you free license to sue someone that has taken advantage of your offerings.
Looked at another way, if a store owner places a tray out in his grocery store labeled "free samples", and some kids come in and start eating the samples, the store owner has no right to prossicute the kids for theft just because it's not "what he intended". He has every right to change his mind and tell the kids to leave, but what's done is done. Give someone permission to do something, and you're just going to have to accept it when they've done it.
This second example has only one assumption to be made though... does an open access point imply a "free samples" sign? Surely we can agree it would not be the same if the tray was sitting in the store and did NOT have a "free samples" sign, surely anyone in the store would be apprehensive about taking something from the tray, and surely the store owner would have right to be upset if someone started snacking on his new display he was setting up. Unfortunataely, access points come from the factory open, and unedjucated consumers don't realize the door is open by default for the world, so they feel that their beliefs take precidence over their actions. This complicates the matter of assuming an open access point is intended to be a free access point, because it can't easily be said that most access points that are open are intended to be free. I'd be willing to bet that 90% of the open access points in my city would get closed if the owner realized I had free and unimpeded access to them. Given that simple reality, I realize that most laws are made to protect the majority, sometimes from their own stupidity.
Should accessing open wireless access points be illegal? That is a tough question for me to answer. I believe the 'free' sign cannot be assumed because the majority of WAP owners simply don't realize the WAP is open to all - this is not something that anyone can effectively argue against. This makes the open access point much more akin to the plate of what appear to be free samples in the grocery store, but with no sign saying "free samples". This places Joe Public on much more shakey legal ground if he digs in. It could then be assumed that the onus is on the public to determine whether they really are free samples before digging in, and if they eat some and then the store manager storms out and is pissed because you are eating his display, I believe it could be assumed he has a right to be upset.
The simplest way to clear this up is to ship WAPs with free access disabled, OR to ship all WAPs with a label taped over the power jack, saying THIS ACCESS POINT SHIPS FROM THE FACTORY WITH ALL SECURITY AND PRIVACY FEATURES DISABLED. UNLESS THIS CONFIGURATION IS CHANGED BY THE CONSUMER, ANY MEMBER OF THE PUBLIC THAT COMES WITHIN THE RANGE OF THIS DEVICE MAY HAVE UNRESTRICTED ACCESS TO YOUR INTERNET CONNECTION. With that in place, the onus then falls on the WAP owner to secure his access point, and we can more easily say the "free" sign is out on the WAP if it is left unprotected.
I was just thinking - this could be viewed from another angle as well. Imagine the owner of a new drive-in theatre, but he sets up no privacy fence along the back of his lot, which is exposed to a little cafe with outside seating. Lots of people come to the cafe each evening, and watch the show from there.
The drive-in owner gets pissed because people are obtaining a free service (entertainment) from him without his permission. It's possible to assume a dim bulb might not realize this is going to be a problem. There are privacy measures he can take (set up a fence) and should reasonably assume are required to insure his privacy. (you don't change into your swimsuit while standing by your pool in your back yard unless you have a privacy fence) In this respect you can say that a person's privacy is their own responsibility, and if they take no actions to enforce their privacy and it is violated, that it is their own fault.
Based on this argument, if I were hauled into court over accessing an open access point, the most important piece of evidence I would present would be the WAP's owner's manual. I would highlight the places in the booklet that described the security and privacy features available to the consumer, and highlight the places where it stated what the default behavior of the unit was. I believe this would be an adequate defense. If the consumer chooses to be ignorant about his property that is capable of interacting with the public, then they accept this interaction. Otherwise if they've read the manual and not used these privacy features, they have knowingly accepted the risk of having their privacy violated.
The difference between WiFi and the car/house analogy is that a WiFi hotspot broadcasts its information, inviting connections.
And a doorknob broadcasts its information visually, inviting hand-turning and opening. What you've got a hold of there, is intentionally confusing two senses of a word, in this case "inviting". Like this:
Some dogs are fuzzy doofuses.
My dog is some dog.
Therefore, my dog is a fuzzy doofus.
Does anybody else find "wardriving" a puerile expression? It's interesting to see the St. Petersberg Times article pick up on the expression with a little frisson of excitement - though it gives the term's heritage. I can feel the ripples of an expression being criminalised (a comparative example in the UK is watching "asylum seeker" being re-interpreted), and hence the associated activity being criminalised as well...
My take is that it _is_ why "normal" people don't have the same attitude to security (whether it's wireless routers or windows bugs) as nerds have. Real World has worked on completely different principles so far.
The fact is, even if you locked your door or built a chainlink fence, they're just marking a boundary, not being an unbreakable barrier. Whether you lock it or not, your real defense isn't the door, it's the law. The door is really just a marker that says "my property starts here, if you're caught
The fact is, even if you locked your door or built a chainlink fence, they're just marking a boundary, not being an unbreakable barrier. Whether you lock it or not, your real defense isn't the door, it's the law. The door is really just a marker that says "my property starts here, if you're caught here, we'll throw your sorry ass in jail."
I don't have a chainlink fence, does that mean my property should become a neighborhood hang out? Or should people know, if I don't own it, then I should not use it?
But I would like to think that if I buy a wireless router, I can take it out of the box, plug it in, and not do anything else and it will work. If it broadcasts to the world, that is something the manufacturer did wrong, setting it as default that way. The other end of the spectrum is the people who will get a router with restricted access, and not be able to configure it to work with their computers. What do you do? Does owning a wireless router require someone to read a 100 page manual. How many people
"I don't have a chainlink fence, does that mean my property should become a neighborhood hang out? Or should people know, if I don't own it, then I should not use it?"
The "if you don't own it, you shouldn't use it without permission" idea was what I had in mind.
"Granted, with the internet it is different than in the real world. Cybercrimes are not real crimes, not in the sense like if you stuck a gun in someones ribs and ordered them to give you their money."
While I hadn;ty previously though of it, it does seem to make sense that with an open wireless access point with DHCP, a third party effectively does have permission to use it. While there may be no sign saying "please use this access point" the user has made a simple request to use it, and the equipment (the WAP) has not only responded in the affirmative, but has explicitly given the user the details it needs to make use of that access point. it has given out an IP address, netmask, default gateway and dns
Yes, the door is merely a marker to tell people that this is the end of the public domain, as is a big locked fence. Where, however, is the analogue in an unsecured wireless router?
I would think that a WEP encryption would be the equivalent of a door. Anyone with access to google can figure out how to hack through WEP. But that is a flag saying, this is a private network.
Telling people who get their wireless jacked isnt placing the onus of security on the victims, its placing the onus of delineating th
"My property starts here [...] they're just not supposed to be on it"
But that just doesn't work for the internet. The internet works ONLY by the fact that it is open. Look at DNS servers: do you have 'permission' to use them? No...but you use them anyway; the internet would be broken without these kinda ad-hoc, sure you can use my resources, networks. Packet-routing (another key internet feature) works like this too; there is no express permission given, just assumed.
The trouble with open WiFi networks is that there is no boundary marker. Without the boundary marker, there is no way of knowing that trespass has occured.
If you run an open AP and the signal is strong enough to enter my house, aren't you trespassing in the first place?
Leaving a WiFi access point open and unsecured is broadcasting the signal, and hence, access to anyone in the public who is within "earshot" of the WAP. Some court somewhere needs to wake up and smell the coffee with this issue and give a clear and sensible ruling on it, because even the cheapest WAPs on the market do have a mechanism to switch from public broadcast to private access (i.e. at least turning on WEP). Even though WEP doesn't provide any real security, it at least marks a visible boundry. In
"And, frankly, I see no reason why we shouldn't apply that RL model to computers. My property starts here, I don't give a damn about how l33t some kid thinks he is, they're just not supposed to be on it. Period."
Property huh? It's not your property ass. And even if it were, you lost the right to tell me not to use it when it crossed my property line.
There's two differences here, though. For one, unlike in real-life situations, it actually is possible to lock the proverbial door perfectly so that, barring design failures, people *will* not be able to enter.
What I think is more important, though, is the fact that your house, your garden, your car and all these things are actually your *property*, which is something you can't say about your wireless LAN. Sure, the equipment belongs to you, but the actual abstract concept of the network that is created wh
... Only the airwaves in question are for public use (as all are supposed to be) and the access point in questiton was broadcasting the equivilant of a repeating cq call. Basically inviting users to join the wifi access point. An Win32 system out of the box will automatically join most open wireless networks withou even prompting because of this very nature.
The physical property analogy is not really relevant. The previously mentioned light out the window, or wireless speaker analogy is more apt.
Taking the story from another angle (i.e., not blaming the owner of the network for the use of it by someone else)... I don't use that which I don't have permission to and that's how I teach my children to act. All the geeks want to blame the florida retiree in Florida for leaving his network open (and maybe for dimpling a chad too... but that's another discussion:p).
So... is the woman who carries their wallet in her hand at fault for someone stealing it? Is she at fault for getting raped if she dres
It is completely opposite way of thought than how American's have previously thought about property. For example how many of you grew up and left doors unlocked to your house or car all the time. I for one never locked my car doors at home nor the front door to my house. It is your private property and you never expect anyone who wasn't welcome to break those boundries, but we have welcomed the Internet with it's complete opposite point of view.
Internet protocols are made to allow software to automaticall
But you're comparing the physical with the "etherial" (for lack of a better word) here.
If you're broadcasting wifi access onto my property, why shouldn't I be free to use it? Especially if you haven't bothered to protect it in any way?
I've done nothing wrong if you're blasting your radio and I can listen to it from my front yard or if I can overhear a loud conversation you're having. You can't force me to "give you your water back" if your water sprinkler throws over into my yard all day long.
You could also say it is like singing in the shower. If you sing loud and people stop outside to listen, they should be welcome to. If you don't want them to hear you, shut the windows or shut up. Both your voice and the WiFi signal is broadcasted through public space.
BTW, I wonder how long before some stupid guy sues his neighbour for broadcasting his WiFi signal onto his property.;-)
Actually, UCSD, U.Texas.Somecity, and a few other universities havein fact tried to shut down their students from using or creating wifi spots, even if the wifi hotspots are not connected to the uni network. I can't remember the slashdot story about this. A few unis backed down when they were forced to admit that the FCC requires 802.11__ to ACCEPT all noise that may be caused by other devices and is not allowed to be regulated, unless they had it written into their dormroom regulations that wifi spots we
We have a plethora of conflicting role models for this in our society.
For instance, while a house with no doors in the frames is still technically a "closed" facility and uninvited entry may be characterized as breaking and entering. And most of us utilize (snail-)mailboxes without any sort of lock, recognizing that it is a federal crime to mess with someone else's mail. Most things are like this. You don't have to lock your car for it to be "stolen". Use of an unattended, unsecured bicycle is treated
So a WAP advertises its existence and that it is open, essentially inviting public use. It will happily grant a connection to your computer (which might even request one automatically, without your knowledge).
How is one supposed to distinguish between open wireless networks are okay to use and those which are not? Common sense only goes so far in helping to make this determination.
IMHO if the WAP says that it's public and it grants connections to strangers, then those people should not be held liable fo
The default of enabling WiFi by default is somewhat problematic here because it lets people use it without having to know anything about what they are actually doing.
As for WEP, the only thing it may be good for is proving willful intrusion - WEP does not magically break itself. For actual protection, people should opt for the full basic regiment of changing SSID and disabling its broadcasting, use WPA-AES and MAC whitelist.
Newer Linksys firmware have a one-click configuration button that automatical
Open doors (Score:5, Informative)
Yeah, because we all know how much "hacking" is required to use wide open WiFi connections.
Also, the poor guy admitted to using the connection too (unauthorized access to a computer network, which is a third degree felony according to the article). Now, if he would have just asked for a lawyer and then shut up, he probably would have gotten off with just a warning.
Re:Open doors (Score:5, Insightful)
Re:Open doors (Score:5, Interesting)
It is completely opposite way of thought than how American's have previously thought about property. For example how many of you grew up and left doors unlocked to your house or car all the time. I for one never locked my car doors at home nor the front door to my house. It is your private property and you never expect anyone who wasn't welcome to break those boundries, but we have welcomed the Internet with it's complete opposite point of view.
I wonder if this same ideal is why people don't bother securing wireless even when most have some grasp of the reprocutions of not securing their wireless.
Re:Open doors (Score:2)
The difference here is it's wireless. It uses *PUBLIC* airspace/radio frequencies. That's the same line of reasoning the Supreme Court used with regards to the creation of the FCC.
Re:Open doors (Score:5, Insightful)
It's even more than that. The wireless router received a standard, "can I have legitimate credentials on this network?" request in the form of a DHCP lease request. The wireless router replied with valid credentials for that network. The user did not make any malformed requests, did not use any information that he should not have rightfully posessed, and in no way forced his way into the network.
He also properly followed FCC rules regarding the use of wireless equipment.
If the owner of a wireless transceiver, a radio if you will, doesn't want to let that device communicate then they bear the burden of making it not communicate. If they leave it in a mode that allows any public access over frequencies that belong to the public-at-large then they bear the responsibility.
I'd like to see the ARRL and the FCC get involved in this, even though the odds are against this guy having any official licensing from the FCC.
Re:Open doors (Score:2, Interesting)
Re:Open doors (Score:2)
Yes, and the real culprit here is the device manufacturers who ship these devices with default open policies to make it easier to just plug and go without knowing anything and without having to configure them on initial setup.
all the best,
drew
http://yp.peercast.org/?find=bysa&Submit=Search [peercast.org]
The Looming Legal Threat to Wi-Fi (Score:5, Informative)
http://www.pcmag.com/article2/0,1759,1565274,00.as p [pcmag.com]
By John C. Dvorak
To drive around looking for connections to open wireless access points is called wardriving. In Canada, people who are caught doing this can be arrested for stealing bandwidth. The legality of this practice in the U.S., however, is a bit hazy, and there are many mitigating factors. One is that several organizations deliberately leave access points unencrypted so that people can use them as necessary. Also, many computers with built-in wireless simply grab the first signal they detect. Then there's the trespassing issue: The wardriver isn't trespassing on the router, the router is trespassing on the wardriver's airspace.
Free Access
This issue was brought home to me recently when one of my laptops told me it was ready to install new Windows XP upgrades, even though the laptop was not on a network and my wireless access point was off-line. I discovered that a neighbor's wireless router, named "default," had provided the access. Using my Toshiba's View Wireless Connections option, I saw five nearby networks that I could grab, three of which were unencrypted. Obviously there's plenty of free access around for harried travelers. It seems to me that being able to download your e-mail at an open connection is a good thing.
Look into the legality of this, though, and you hear vague comments like "The FBI doesn't know how legal it is" or "It may be illegal, because you're using someone else's connection or you're spying on their network." This issue will create ridiculous legal problems, which is bad news for both consumers and law enforcement, unless a sensible, national policy can be developed.
Personal and Corporate Responsibility
Let me jump in and propose a simple, logical public policy. Law enforcement doesn't need to get involved whenever some guy in a doughnut shop poaches a nearby Wi-Fi connection to check his e-mail, thinking he's on the shop's network. This shouldn't be a crime, even if he's intentionally poaching. We must put the burden of responsibility on the broadcaster, not the end user. It has to be made clear that people sending open connections all over town should be responsible for them.
Here's what I propose: Once a wireless signal leaves private property, it becomes public domain. If the person transmitting the signal wants it protected, then encryption is up to him or her. If someone beams an Internet connection into my home and I happen to lock onto the signal, he is trespassing on me, not the other way around. Public policy must reflect this logic. Keep it out of my house if you don't want me using it. Keep it out of my car. Keep it away from me in public places.
The Public Interest
This policy makes sense because it lets anyone who wants to provide open access do so without hassle or fear. Groups in San Francisco and Seattle are openly promoting free 802.11 connectivity. Many coffee shops, restaurants, and community groups now provide free wireless access, and directories of these hot spots are easy to find online.
This ubiquity of access is to be encouraged as in the public interest. But it can't happen if the law doesn't make the person transmitting the 802.11 signal responsible, instead of blaming any roaming users who are simply grabbing open connections. If this means that a corporate network is wide open to hackers, because the company doesn't bother encrypting the signal it broadcasts all over town, then so be it.
We must not follow the Canadian model that views using unprotected 802.11 connections as bandwidth theft. My computer grabs wireless signals impinging on my house more often than it grabs my own 802.11 connection. It just does. Agencies shouldn't be required to sort this out; it would be a law enforcement nightmare. In fact, it's
Re:The Looming Legal Threat to Wi-Fi (Score:2)
Cool idea. So he won't mind when I start using his cordless phone base to make some local calls. Oh wait, that's illegal.
Consumer phones (Score:3, Interesting)
Re:Open doors (Score:2)
Are you smoking super double-stupid crack today? If any entity, from a police department to a mall cleaning crew, has a radio system then the public isn't free to just use it. That's punishable by law.
Re:Open doors (Score:2)
Depends what you mean by "use it". If the device in question was operating on an open frequency, I can't imagine that sending signals to the device, or receiving signals back from it, would be illegal.
Even ham radio repeaters can be "closed" and then if people access them without permission it's intentional interference and can result in fines.
Not being a ham radio operator,
Re:Open doors (Score:4, Informative)
Closed repeaters are also not a good analogy, as they occupy a gray area in the FCC regs, and have been controversial for some time. There are private property arguments, but I personally believe they're overshadowed by the fact that such repeaters are operated on publicly available bandwidth and thus there is no reasonably expectation of privacy or exclusivity of use. I've never heard of anyone being fined for intentional interference for using a closed repeater. The FCC regs clearly state that amateur frequencies cannot be used exclusively by any station, so for those that want a private network, go apply to the FCC for a frequency to run it on just like your local police department or Wendy's did. Besides, most operators of private repeaters do attempt to set some kind of access control using CTCSS tones, so once again the analogy just doesn't hold up.
Re:Open doors (Score:2, Insightful)
Re:Open doors (Score:2)
Re:Open doors (Score:5, Insightful)
Re:Open doors (Score:4, Interesting)
The current situation in most (all?) western countries is that the legal system is walking after the facts when it comes to matters relating to computers, networking, etc. . This makes the more technologically aware part of the population quickly lose all faith in their legal system.
It also makes the world a more dangerous place to live in as such technologies become a more important part of our society: police, courts and similar institutions seem to regard any sufficiently advanced technology as a magical, unpredictable black box, and as such make essentially random decisions on what they will do about it. Court cases are no longer centered around using facts to convince the jury of the truth, but around trying to create in the minds of those concerned an arbitrary but believable idea of what the technology does.
It shouldn't be too hard to imagine how big this problem can become in the long term.
Re:Open doors (Score:2)
Open Lands (Score:3, Insightful)
Re:Open doors (Score:5, Insightful)
It's the same thing with Wifi: you have every right to be pissed off if someone tries to get stuff off of your computer, even if you're dumbass fault that they were able to. On the other hand, if someone is using your bandwidth, it might be sort of annoying to you, but unless you take steps to put a stop to it, it's your fault they're doing it.
The fact is, for most broadband connections, unless the person is file sharing or using VOIP, it's no skin off your nose that they're doing it. If for some reason, it bothers you to be neighborly, the onus is on you to secure your stuff.
Re:Open doors (Score:5, Insightful)
What you are getting is not a property, is a service.
When using network sockets, there are well documented protocols being used.
So the client computer is basically saying to the server, or wireless router: can I connect?
and the server replies: sure, go ahead
It would be the same thing if a bartender gave drinks for free because he wasn't trained in asking for money in exchange.
Would the customers be liable of theft if they took advantage of this?
Re:Open doors (Score:5, Insightful)
One could say you're using the light they paid for without their permission. On the other hand, they're letting the light spill out into public land.
Re:Open doors (Score:5, Funny)
Someone bought a wireless router to share his internet connection at home with the rest of his family, but he didn't bother to setup any security.
Then someone outside of the house connects to the wireless router to use the internet connection, without the owner of the router knowing or approving this.
Re:Open doors (Score:2)
The same kinds of idiots who have no idea what WEP is will be on the jury. Talking about unsecure networks is going to sail just over their heads.
It would be just like trying to describe open source software to people who've never heard of a computer.
Re:Open doors (Score:2)
Pretty simple. The process _directly_ translates to an in person conversation that everyone can easily understand.
Re:Open doors (Score:2)
Re:Open doors (Score:2, Interesting)
I like your analogy, but I disagree. It is more like running a splitter and a cable and stealing your neighbors cable TV. Or running an extension cord to a backyard outlet and stealing power. Or perhaps a cordless phone. People accept that they have to pay for electricity, phone, but the internet should be free? why?
The fact that it is a wireless transmission
Re:Open doors (Score:2)
Because I do not have to set foot on your property, or touch your property, to use your WAP, unlike tapping into your cable. Not only that, but if I am your neighbor (or even a passerby on t
Re:Open doors (Score:2)
No, because they accessed an account they did not own and took money out of it. They had to enter somebody else's username, somebody else's password, and transfer money from that account into their own. I'm pretty sure somewhere on the PayPal page (probably in fine print, mind you), it mentions that accessing the accounts of o
Re:Open doors (Score:5, Insightful)
This is a close comparison, but ignores the fact that you need to physically trespass in order to accomplish it.
Or running an extension cord to a backyard outlet and stealing power.
Again, requires physical access, but also costs the neighbour money in a higher electrical bill, so it's not the same thing.
Or perhaps a cordless phone.
Even assuming that you don't use long distance, you're depriving the owner of the service, since he can't use the phone while you do.
Some other situations might be:
Running a movie or pay per view on your big screen tv which is visible from the street. Is someone walking by who happens to see the movie stealing from you? If you set up a viewing area in your front lawn and allow people to watch it from the street, are they guilty of CI, or are you?
If you play music in your house loud enough to be heard from the street, is someone who hears it doing anything wrong? What if, instead of casually hearing it, they sit on the curb in front of your house?
The critical fact here is that the wardriver is in a public area. By broadcasting your wi-fi signal into that public area, and not blocking public access (tacitly giving permission, thusly,) I think that it can be argued that you're providing a public service.
If a satellite company beams an unencrypted signal onto my property, I believe that I'm within my rights to watch it. If they encrypt said signal, on the other hand, I do not believe that I have the right to break it.
Same thing applies here, I think. If you take no measures to ensure the security of your network, once it leaves your property, it's fair game. Because the measures required are fairly insignificant, the burden should be on the wi-fi owner to lock things down, rather than on the wi-fi user to ensure that he's not impinging on someone's network.
Re:Open doors (Score:2)
As others have mentioned, the WAP gives PERMISSION to connect, unless it is configured NOT to. There is no hacking or cracking involved, which would be analogous to running a cable splitter.
And from the other side, if one finds a WAP signal, and it's open, how is one supposed to know that it's not there _for_ public use? Hmm? It gives you permission to co
Re:Open doors (Score:2)
Still entirely different from the issue at hand. Cable connections do not do authentication, whereas WAP does. If yo can successfully connect to a WAP, it has _explicitly_ given you permission. Big difference from the cable analogy.
Re:Open doors (Score:2)
I find your cable/power analogy good, except for one thing. The person taking the bandwidth isn't doing anything to take it. It would be more along the li
Re:Open doors (Score:2)
It is more like running a splitter and a cable and stealing your neighbors cable TV.
Morally, I agree, it's the same thing. Legally, it's much different though, as the cable companies have convinced the government to pass laws protecting them, and cable television is usually copyrighted, whereas internet traffic may or may not be (and usually the receiver has permission to access that content).
Or running an extension cord to a backyard outlet and stealing power.
Using someone's power directly costs th
Re:Open doors (Score:3, Funny)
Like Stealing Water (Score:2)
garden hose to water your lawn. Afterall, the tap is not
locked. Likewise the cost of the 'service' is similar and you
using some one day for your lawn is not likely to be noticed.
Re:Like Stealing Water (Score:2)
After all, using the hose deprives them of the ability to use it (while you're using it), and most likely requires that you go and get it and turn the supply on; none of those things are the case in using someone else's wifi connection. (Unless you saturate their bandwidth, in which case they'd have trouble us
Re:Like Stealing Water (Score:2)
Same thing with WiFi. For some reason, the default behaviour is an open network, which reaches my house and quite explicitly tels me I can use it.
If all garden hoses came by default with a sign that lets others use it and a system that puts itself on others' lawns, will you still say it's wrong to use it???
Re:Like Stealing Water (Score:2)
It's like having a sign over your tap that says 'You have permission to use this tap'. So you do. Then the owner comes out and says just because the sign says so doesn't mean I did.
Beating a dead horse, but, if you don't secure your WAP, you are granting permission for others to connect. Period.
Re:Open doors (Score:2)
Re:Open doors (Score:3, Funny)
He walks in, and sure enough, there's a "make table" with all the goodies someone could possible want for a sandwich. Oddly though, there's nobody in sight, and no cash register! Hell, not even a tip jar to be seen. He scans the room for a price marquee, or any in
Re:Open doors (Score:2)
It's more like finding a vending machine with no prices on anything, but has one of those little lcd things on it so you push a button for a candy bar to see how much in lcd. Only it gives you the candybar and the screen just flashes 'thank you, come again'. Then you get arrested for stealing after taking a few more.
I will however point out that BOTH analogies are pretty shitty.
In this case the man parked outsi
Re:Open doors (Score:3)
I sure hope the guy has a good lawyer. He's going to find himself in a world if hurt if the trial comes down to whether the judge likes the prosecutor's analogy or the defense's analogy better.
Actually, you wouldn't believe the analog
I.e., theft (Score:3, Insightful)
Seems to me like a very clear-cut case of theft,
Re:I.e., theft (Score:2)
Re:I.e., theft (Score:3, Interesting)
What if someone bought a 1-click inflatable restaurant for his family.
He opens the restaurant, with flashing lights saying: "This is a restaurant!!!!"
A person comes by the shop, and asks: "Is this restaurant free???"
The inflatable waiter says: "Sure! Come in and eat".
The person comes in and eats, leaves and gets arrested for theft.
Regardless if the person went around looking for free restaurants, is it really that wrong for him to go and get h
But.... (Score:2)
There is a reason to think that too. If you need someones OK to use their network, how exactly are you su
Re:I.e., theft (Score:2)
This is something your parents should have taught you before you could walk.
Sounds like a familiar story (Score:4, Funny)
Re:Open doors (Score:3, Insightful)
His shouts of "Helloooo, anyone here?" go unanswered. Finally, he peeks around the establishment looking for any sign of vendor life. None. His stomach of course couldn't care less of this odd situation, and continues to complain with increasing annoyance. ...
So ... you're suggesting that this fellow approached the people who had the wireless network (knocked on the door, sent them an email, ???) and requested the use of it, but got no response? Is that why he snapped the laptop shut when he was spotted
Except... (Score:2)
Richard Dinon saw the laptop's muted glow through the rear window of the SUV parked outside his home. He walked closer and noticed a man inside. Then the man noticed Dinon and snapped his computer shut...An hour later...The Chevy Blazer was still there, the man furtively hunched over his computer.
So, instead, this man walked into the shop, made the sandwich and had a bite. The owner of the place suddenly saw him in the security camera, came out, tore the sandwich from his hands, and b
Re:Open doors (Score:3, Insightful)
Well, nobody reasonable.
If the WiFi is broadcasting into my home, you'd better believe I'm gonna use it.
But if the apple tree is netted, or the neighbor comes over and says "hey, those apples are mine - please let me come over and gather them up", we're talking about something altogether different.
Likewise if the WiFi is secured.
Re:Open doors (Score:5, Insightful)
And if the neighbor says "hey, those apples are mine - please let me come over and gather them up", my response would be "Okay. Don't forget to rake up the leaves that fall on my side this autumn too then".
Re:Open doors (Score:3)
Take that up with the FCC. You can't do much about your neighbors tree that does NOT hang over your yard, but which blocks your sun/view. At least not in this neighborhood. If you want a clear view, you should take up the issue with the FCC and demand that nobody be able to use WiFi that [may] interfere with their neighbor's. But that would suck, so we have the rules we have (which may also
Re:Open doors (Score:3, Interesting)
Heh - actually, it was a pecan tree. And when I pointed out that the only reason the pecans remained on my side to pick up was my dog roving free in the yard, a board was removed to let her roam in both yards, and ultimately I received an additional bag of pecans as
Re:Open doors (Score:2)
Even though the place was about £30K over my budget and didnt really have enough room I still wanted it just so I could have apple trees overhanging my neighbours so that every day Id have to wake up and think 'will I be a dick about my apples today'.
Re:Open doors (Score:2)
Even though the place was about £30K over my budget and didnt really have enough room I still wanted it just so I could have apple trees overhanging my neighbours so that every day Id have to wake up and think 'will I be a dick about my apples today'.
It may vary by jurisdiction, but around here, the portion of the tree overhanging a neighbors property is the neighbors. So if your apple tree ove
Re:Open doors (Score:2)
Its really more like if you had a servant, with a plate of cookies, walking beside every person to walk by your house. All they have to do is reach out and take one. You havent told them not to. You're making it so easy to take a cookie that you
Re:Open doors (Score:2)
No, it's more like leaving your stereo on your property and turned on, and some guy stopping to listen to it on the sidewalk in front of your house.
Locked or Unlocked, It's Trespass (Score:2)
Even if your front door is wide open and you're out of town for two weeks, there is the rather justified assumption that rational people know the difference between the great outdoors and a building.
Technical arguments about networks very likely will not caryy weight in court. Specifically, arguments that it i
Re:Locked or Unlocked, It's Trespass (Score:2)
Very correct, but when entering a public place like a shopping mall, one assumes implicit permission to come onto the owners' property and avail themselves of the facilities within. The owners are of course free to ask you to leave and have you prosecuted for trespassing if you don't, but the initial assumption is that you are welcome there. Facilities that are open to the public are generally assumed to
Re:Open doors (Score:2)
The "theft of service" doesn't directly hurt you, but it is the kind of thing that makes rolling out improved internet service less worthwhile because that bandwidth is expensive.
Re:Open doors (Score:2)
Re:Bullshit (Score:2)
Re:Bullshit (Score:2)
The fact is, that's not how private pro
You've marked it as public (Score:5, Insightful)
If you have a wireless stereo system, which broadcasts to your speakers, and your neighbor picks it up, it's not "stealing" your music if they listen. If you want to share photos with your family and you put up an unsecured internet site, it's not stealing if non-family members visit and download your photos.
The fact of the matter is you've setup a broadcasting network through a section of your neighborhood. Congratulations, you're now a broadcaster. All operating systems will automatically connect with your network (...maybe not BSD). If you had a problem with this, you can very simply turn on WEP.
Which is how the internet works. Everything is assumed public until you put on the slightest bit of security. That's the convention. If you visit a website and they don't authenticate, it's assumed public. If someone sends you a link to a streaming movie and it doesn't ask for a password, it's assumed public. By practical definitions, it is public. We're not talking about bolting on an iron-clad Novell authentication system, we're talking about changing one preference in your network configuration settings.
You bought a piece of land next to a public field, and you didn't put up a fence or any demarkations. People will wander into and out of the field as if it were part of the commons. There is no practical way to ask whose field / network it is, nor any reason to see to ask. By not marking it as private, you have used the conventional method of marking it as public.
Would someone make their network public? Lots of people do it intentionally. In my apartment, I generally see no fewer than 10 or so wireless networks. Of those, half or so are unsecured. There's usually one or two that has the default router name (Linksys, etc). But most have changed their name to something else, which means that the people involved knew enough to go through the setup process and decided to leave their network open to everyone. Why? Mostly it's a desire to share and be neighborly. Oddly enough, the ISP up the street does the same thing. Lots of the businesses have open wireless access in an attempt to get people to come in with their laptops and drink coffee while doing work.
Of course, there are tradeoffs involved all around. Your wireless network is fucking up my other wireless equipment and using the available spectrum in my house. My wireless phones and other devices are using the same unlicensed spectrum, but are now competing with your bloody web surfing to be heard. I accept that you're going to have a wireless network, because those things are useful. And if you decide not to secure it and make it public, it's on me (and all of the other users) to be good citizens and not saturate your upstream by sharing on P2P apps all the time, or queueing up weeks worth of downloads. If you do decide to secure your network, it's neighborly of us to respect those boundaries and not packet hack it, despite WEP's inherent vulnerabilities. It's also neighborly to broadcast your SSID and channel, because in high density areas the difficulties involved in keeping people's networks from stepping on eachother is far greater than the minimal security provided by not broadcasting your SSID.
You marked your network as public, and now you're complaining that it's not private. Fine. Flip the fucking switch so that we know that it's private.
Something close to this has actually been to court (Score:3, Informative)
Now, consider that anyone having conversations of an even vaguely secretive nature - that is, conversations they wouldn't want
Re:Bullshit (Score:2)
Happens quite frequently to me. On the night I set out my garbage pail, some dog-walkers will deposit doo-bags. Quite honestly, as long as the bags don't break, it's no big deal. I pay a fixed rate for trash, and all my neighbors pay the same rate. It's not keeping my trash out of the bin.
- build a billboard on your front lawn (why do you care about a few dollars less property value if you a
Re:Open doors (Score:5, Funny)
Re:Open doors (Score:4, Insightful)
Re:Open doors (Score:2)
Re:Open doors (Score:2)
Re:Open doors (Score:2)
A point I made earlier (in me reading.) So bring the device maker up on charges for wrongfully installing the open house sign, not the person so saw the sign and walked in to the open house innocently.
all the best,
drew
http://yp.peercast.org/?find=bysa&Submit=Search [peercast.org]
Comment removed (Score:4, Insightful)
Re:Open doors (Score:2)
Mine works just fine with SSID broadcast turned off. Authorized nodes should already know of the existence of the AP, and I'd argue that the entire point of SSID broadcast was to make it easy for wireless nodes to find an AP that they didn't already know about. Under the informal rules the Internet operates under, if you jump up and down yelling
Re:Open doors (Score:3, Insightful)
Not really. Turning the handle is like testing the security of the system. If it is locked, you could be said to be attemping to force entry
Re:Open doors (Score:5, Interesting)
Imagine your neighbor has a TV going loudly - he has cable TV and you do not. You hear a show playing you've been meaning to see. You yell over the fence, "mind if I come over and watch that show?" The neighbor's butler yells back, "Sure, come around through the gate.". You go over, sit down and enjoy the show. After the show is over, the owner shows up, and is PISSED because you are there.
The neighbor has not lost any property, but has been denied payment for a service he has performed. (providing you with entertainment) Unfortunately for the neighbor, you were allowed free access to the entertainment indirectly by the neighbor. The neighbor has no legal grounds against you because you were acting with permission of an agent of the neighbor. (the butler)
This is very similar to the issue of open access points. The wireless router being the butler that's been told to allow anyone that asks to be given free internet access. Just because you get upset that the currentl policy of your own access point bothers you does not give you free license to sue someone that has taken advantage of your offerings.
Looked at another way, if a store owner places a tray out in his grocery store labeled "free samples", and some kids come in and start eating the samples, the store owner has no right to prossicute the kids for theft just because it's not "what he intended". He has every right to change his mind and tell the kids to leave, but what's done is done. Give someone permission to do something, and you're just going to have to accept it when they've done it.
This second example has only one assumption to be made though... does an open access point imply a "free samples" sign? Surely we can agree it would not be the same if the tray was sitting in the store and did NOT have a "free samples" sign, surely anyone in the store would be apprehensive about taking something from the tray, and surely the store owner would have right to be upset if someone started snacking on his new display he was setting up. Unfortunataely, access points come from the factory open, and unedjucated consumers don't realize the door is open by default for the world, so they feel that their beliefs take precidence over their actions. This complicates the matter of assuming an open access point is intended to be a free access point, because it can't easily be said that most access points that are open are intended to be free. I'd be willing to bet that 90% of the open access points in my city would get closed if the owner realized I had free and unimpeded access to them. Given that simple reality, I realize that most laws are made to protect the majority, sometimes from their own stupidity.
Should accessing open wireless access points be illegal? That is a tough question for me to answer. I believe the 'free' sign cannot be assumed because the majority of WAP owners simply don't realize the WAP is open to all - this is not something that anyone can effectively argue against. This makes the open access point much more akin to the plate of what appear to be free samples in the grocery store, but with no sign saying "free samples". This places Joe Public on much more shakey legal ground if he digs in. It could then be assumed that the onus is on the public to determine whether they really are free samples before digging in, and if they eat some and then the store manager storms out and is pissed because you are eating his display, I believe it could be assumed he has a right to be upset.
The simplest way to clear this up is to ship WAPs with free access disabled, OR to ship all WAPs with a label taped over the power jack, saying THIS ACCESS POINT SHIPS FROM THE FACTORY WITH ALL SECURITY AND PRIVACY FEATURES DISABLED. UNLESS THIS CONFIGURATION IS CHANGED BY THE CONSUMER, ANY MEMBER OF THE PUBLIC THAT COMES WITHIN THE RANGE OF THIS DEVICE MAY HAVE UNRESTRICTED ACCESS TO YOUR INTERNET CONNECTION. With that in place, the onus then falls on the WAP owner to secure his access point, and we can more easily say the "free" sign is out on the WAP if it is left unprotected.
Re:Open doors (Score:5, Insightful)
I was just thinking - this could be viewed from another angle as well. Imagine the owner of a new drive-in theatre, but he sets up no privacy fence along the back of his lot, which is exposed to a little cafe with outside seating. Lots of people come to the cafe each evening, and watch the show from there.
The drive-in owner gets pissed because people are obtaining a free service (entertainment) from him without his permission. It's possible to assume a dim bulb might not realize this is going to be a problem. There are privacy measures he can take (set up a fence) and should reasonably assume are required to insure his privacy. (you don't change into your swimsuit while standing by your pool in your back yard unless you have a privacy fence) In this respect you can say that a person's privacy is their own responsibility, and if they take no actions to enforce their privacy and it is violated, that it is their own fault.
Based on this argument, if I were hauled into court over accessing an open access point, the most important piece of evidence I would present would be the WAP's owner's manual. I would highlight the places in the booklet that described the security and privacy features available to the consumer, and highlight the places where it stated what the default behavior of the unit was. I believe this would be an adequate defense. If the consumer chooses to be ignorant about his property that is capable of interacting with the public, then they accept this interaction. Otherwise if they've read the manual and not used these privacy features, they have knowingly accepted the risk of having their privacy violated.
Re:Open doors (Score:2)
And a doorknob broadcasts its information visually, inviting hand-turning and opening. What you've got a hold of there, is intentionally confusing two senses of a word, in this case "inviting". Like this:
Some dogs are fuzzy doofuses.
My dog is some dog.
Therefore, my dog is a fuzzy doofus.
--Rob
Wardriving as a puerile expression (Score:3, Interesting)
Exactly (Score:3, Insightful)
The fact is, even if you locked your door or built a chainlink fence, they're just marking a boundary, not being an unbreakable barrier. Whether you lock it or not, your real defense isn't the door, it's the law. The door is really just a marker that says "my property starts here, if you're caught
Re:Exactly (Score:2)
I don't have a chainlink fence, does that mean my property should become a neighborhood hang out? Or should people know, if I don't own it, then I should not use it?
Re:Exactly (Score:2, Insightful)
Re:Exactly (Score:2)
The "if you don't own it, you shouldn't use it without permission" idea was what I had in mind.
"Granted, with the internet it is different than in the real world. Cybercrimes are not real crimes, not in the sense like if you stuck a gun in someones ribs and ordered them to give you their money."
There are a lot of real-life crimes or misdeme
Re:Exactly (Score:2)
While I hadn;ty previously though of it, it does seem to make sense that with an open wireless access point with DHCP, a third party effectively does have permission to use it. While there may be no sign saying "please use this access point" the user has made a simple request to use it, and the equipment (the WAP) has not only responded in the affirmative, but has explicitly given the user the details it needs to make use of that access point. it has given out an IP address, netmask, default gateway and dns
Re:Exactly (Score:2)
I would think that a WEP encryption would be the equivalent of a door. Anyone with access to google can figure out how to hack through WEP. But that is a flag saying, this is a private network.
Telling people who get their wireless jacked isnt placing the onus of security on the victims, its placing the onus of delineating th
Re:Exactly (Score:2)
But that just doesn't work for the internet. The internet works ONLY by the fact that it is open. Look at DNS servers: do you have 'permission' to use them? No...but you use them anyway; the internet would be broken without these kinda ad-hoc, sure you can use my resources, networks. Packet-routing (another key internet feature) works like this too; there is no express permission given, just assumed.
And so it is for your wifi network. It
Re:Exactly (Score:2)
If you run an open AP and the signal is strong enough to enter my house, aren't you trespassing in the first place?
Broadcasting -- Secure That Signal. (Score:2)
Re:Exactly (Score:2)
Property huh? It's not your property ass. And even if it were, you lost the right to tell me not to use it when it crossed my property line.
Re:Exactly (Score:2)
What I think is more important, though, is the fact that your house, your garden, your car and all these things are actually your *property*, which is something you can't say about your wireless LAN. Sure, the equipment belongs to you, but the actual abstract concept of the network that is created wh
Re:Exactly (Score:2)
The physical property analogy is not really relevant. The previously mentioned light out the window, or wireless speaker analogy is more apt.
The o
Re:Exactly (Score:2)
Taking the story from another angle (i.e., not blaming the owner of the network for the use of it by someone else) ... I don't use that which I don't have permission to and that's how I teach my children to act. All the geeks want to blame the florida retiree in Florida for leaving his network open (and maybe for dimpling a chad too ... but that's another discussion :p).
So ... is the woman who carries their wallet in her hand at fault for someone stealing it? Is she at fault for getting raped if she dres
Re:Exactly (Score:2)
Re:Open doors (Score:2, Insightful)
Internet protocols are made to allow software to automaticall
Re:Open doors (Score:3, Insightful)
If you're broadcasting wifi access onto my property, why shouldn't I be free to use it? Especially if you haven't bothered to protect it in any way?
I've done nothing wrong if you're blasting your radio and I can listen to it from my front yard or if I can overhear a loud conversation you're having. You can't force me to "give you your water back" if your water sprinkler throws over into my yard all day long.
Re:Open doors (Score:2)
Re:Open doors (Score:3, Funny)
BTW, I wonder how long before some stupid guy sues his neighbour for broadcasting his WiFi signal onto his property.
Re:Open doors (Score:2)
Re:Open doors (Score:2)
For instance, while a house with no doors in the frames is still technically a "closed" facility and uninvited entry may be characterized as breaking and entering. And most of us utilize (snail-)mailboxes without any sort of lock, recognizing that it is a federal crime to mess with someone else's mail. Most things are like this. You don't have to lock your car for it to be "stolen". Use of an unattended, unsecured bicycle is treated
Re:Open doors (Score:2)
How is one supposed to distinguish between open wireless networks are okay to use and those which are not? Common sense only goes so far in helping to make this determination.
IMHO if the WAP says that it's public and it grants connections to strangers, then those people should not be held liable fo
Re:Open doors (Score:2)
The default of enabling WiFi by default is somewhat problematic here because it lets people use it without having to know anything about what they are actually doing.
As for WEP, the only thing it may be good for is proving willful intrusion - WEP does not magically break itself. For actual protection, people should opt for the full basic regiment of changing SSID and disabling its broadcasting, use WPA-AES and MAC whitelist.
Newer Linksys firmware have a one-click configuration button that automatical