Nightfall
My Goal Is To Deny Yours
Premium,MVM
join:2001-08-03
Grand Rapids, MI
 ·Site5.com
 ·AT&T Midwest
 ·Comcast
|  A few bad apples...
For starters, I have a high gain magnetic mount antenna that I use to get access to open access points. So yes, I wardrive. However, is it illegal? Probably. I look at a network as property of a house or workplace. If they leave the front door wide open, do I have permission to come in? What about come in and use their electricity or appliances? Can I watch TV in their den? Most people would be royally pissed if they left their front door unlocked and then came home to find someone on their couch watching TV.
Now, a lot of people aren't going to notice the intrusion. Most wardrivers aren't going to hurt anything. However, it will be the few bad apples that spoil it for everyone. I know some wardrivers who try to do damage for instance. There is one person I know who checks for the default router password and changes it for instance. Others look for open shares in the workgroup domain and delete files.
It will be those people that will make wardriving a crime.
--
My Domain
Nightfall's Hockey and Life Journal |
|
Imogen8
join:2001-11-04
UK
| what about signal disruption?
would it be legal to fire up bit of equipment that interfered with the wireless signal and made the network useless? what if someone does it unknowingly? would they be committing an offense?
I mean they have not accessed anything illegal  |
|
subman87
Another day in the Brentwood
join:2000-11-24
Harrison, NY | non - sense article
I've used my laptop outside public building's (town hall & library) that were WI-FI equipped, and was never approached by an officer of the law. Sorry but this article is a BS. |
|
DaDogs
Semper Vigilantis
Premium
join:2004-02-28
Deltaville, VA
2 edits | reply to Nightfall
Re: A few bad apples...
Nightfall;
If you are accessing systems which you believe to be private and not available for putlic access, you are demonstrating a serious conflict between what you do and what you believe. If you believe it is wrong, you should not do it.
However, as far as I am aware (and I used to do intercept work for a living). You do not need Title authorization to intercept an unencrypted 802.11b data streams. You do need wiretap orders to intercept cellular, mobile phone, and voice pager. Unless something has changed, you do not need authorization to intercept digital pager. It is not illegal to monitor public service communications fire, police, and rescue. As far as I am aware, and unless something has changed drastically, the only new protected communications since 1993 is the link between a cordless phone and it's base unit. Indeed that was not protected until the Supreme Court ruled on a drug smuggeling case out of San Angelo, Texas, where *someone* intercepted Arabic language communications between the handheld and the base and taped it.... circa 1993.
Bottom line, you probably are not illegal if you are intercepting 802.1x but you may be illegal at the moment you associate with an access point. Anyone running a wireless sniffer should carefully research any assertions I made here because I have had little interest in the changes in the laws since 1993. A lot can change in eleven years.
All that said, I run wireless sniffers from time to time. I have monitored networks where I was confident the owners of those networks would not approve of me having access to the network content. I have used the information gleaned to improve the security of anyone who would listen. I do not approach the vulenrable networks personally because to date I have not bothered with anything but networks which clearly should have been secured and which were not secured. I have spoken with state reps and asked them to talk with the cities and counties involved to make them aware they are not secured. So far this process has worked and not gotten me into trouble. I tend to be very cautious because this is one kind of play where they will definately shoot the messanger if the public is made aware of their stupidity. County and city officials really hate being made to look stupid.
Personally I would like to see an application developed for the wardriver which would log into a completely unsecured AP which remained at it's defaults and set a WEP key, change the admin password, and log off all automagically. Then I would like to see about 500 war drivers running around the US with that piece of software running from their cars. Sounds harsh? Yeah, but it would damn sure get the people's attention and that needed to happen a long time ago.
--
»members.ozemail.com.au/~lbrash/msjokes/ |
|
moonpuppy
join:2000-08-21
Glen Burnie, MD
·Verizon Online DSL
| reply to Nightfall
said by Nightfall  :
For starters, I have a high gain magnetic mount antenna that I use to get access to open access points. So yes, I wardrive. However, is it illegal? Probably.
You are also violating FCC law. If your antenna is NOT type accepted for that piece of equipment, then you are breaking the law.
Also, if the antenna has a high gain and goes over the 1W ERP (with an omni-directional antenna) or 4W (with a yagi antenna), you are above Part 15 rules and therefore in violation.
»www.pacwireless.com/faq/fcc_eirp.shtml |
|
hedyd4u
Premium
join:2003-12-16
Schenectady, NY
| reply to Nightfall
No you do not have permission to just walk in and make your self at home. Just because some liberal lawyers thinks so, you can get yourself shot doing so. Dead men don't talk so when the police come they will hear you broke in to satisfy you liberals who think you can use property that is not yours. You can justify your criminal behavior any way you want but a crime is still a crime.
Why are the morals and ethics so low in America today? |
|
Nightfall
My Goal Is To Deny Yours
Premium,MVM
join:2001-08-03
Grand Rapids, MI
·Site5.com
·AT&T Midwest
·Comcast
| said by hedyd4u :
Why are the morals and ethics so low in America today?
Ask the file traders that same question.
--
My Domain
Nightfall's Hockey and Life Journal |
|
PDXPLT
join:2003-12-04
Banks, OR
| reply to Imogen8
said by Imogen8 :
what about signal disruption?
would it be legal to fire up bit of equipment that interfered with the wireless signal and made the network useless?
Maybe. Wi-Fi devices operate as unlicensed transmitters under FCC Part 15. As such, they must accept interference from other legal devices, including other Part 15 devices [this is different from being a licensed device, such as a cellphone or radio station, which can make unlicensed operators stop operation if they interfere].
So, yes, it is possible to operate a piece of equipment that interferes with the network, so long as the interfering equipment is operating within FCC Part 15 limits. You wouldn't be breaking any federal law. And federal law should pre-empt any state law in this area. |
|
calvoiper
join:2003-03-31
Belvedere Tiburon, CA
| reply to moonpuppy
said by moonpuppy :
You are also violating FCC law. If your antenna is NOT type accepted for that piece of equipment, then you are breaking the law.
Also, if the antenna has a high gain and goes over the 1W ERP (with an omni-directional antenna) or 4W (with a yagi antenna), you are above Part 15 rules and therefore in violation.
»www.pacwireless.com/faq/fcc_eirp.shtml
Both being things that Michael Powell is extremely concerned about, I'm sure. He's still trying to drive competitive circuit-switched CLECs out of business.
Question: Has anyone, anywhere in the US, ever been prosecuted for signal strength or antenna violations of the Wi-Fi rules? (And note I said "prosecuted", as in being formally charged with a crime in a docketed court case. A "clean up your act" letter doesn't count, whether it's from the FCC or your mother.)
Calvoiper
--
VoIP--the death knell of remaining voice monopolies! |
|
footballdude
Premium
join:2002-08-13
Imperial, MO
| reply to Nightfall
said by Nightfall :
I know some wardrivers who try to do damage for instance. There is one person I know who checks for the default router password and changes it for instance.
I hope you take that big goalie stick and whack his shins for him. Every goalie I ever got close to didn't seem to have a problem with that. |
|
moonpuppy
join:2000-08-21
Glen Burnie, MD
·Verizon Online DSL
| reply to calvoiper
said by calvoiper :
Both being things that Michael Powell is extremely concerned about, I'm sure. He's still trying to drive competitive circuit-switched CLECs out of business.
Your sarcasm rings through. 
said by calvoiper :
Question: Has anyone, anywhere in the US, ever been prosecuted for signal strength or antenna violations of the Wi-Fi rules? (And note I said "prosecuted", as in being formally charged with a crime in a docketed court case. A "clean up your act" letter doesn't count, whether it's from the FCC or your mother.)
Calvoiper
Maybe not yet. Remember, these are Part 15 devices. The only way a prosecution will happen is if someone reports interference and the person is caught. Personally, I would rather go after murderers and rapists then concern myself with people using hyped up antennas. |
|
thoughtfulguy
@covad.net | reply to hedyd4u
I really love how for a select group of Americans any and every issue boils down to "liberals" dragging down American "morals." Hey, buddy: everything is NOT a nail! |
|
Sodium
Premium
join:2003-12-02
Rice Lake, WI
|  reply to DaDogs
Intercepting 802.11b data streams is not illegal per se, but once you logon to a network without that network administrator's permission you are breaking the law! The safest way to go wardriving is to disable the TCP/IP protocol and just log the access points on a map. I have had my laptop repossessed by the police for wardriving (long story, but essentially a friend got caught being stupid and I lost my laptop for a few days. I only used it because broadband is unavailable in the rural area where I live and I was leeching from rich people in the wee hours of the morning  ).
The idea you propose is interesting. It reminds me of a worm written by a whitehat hacker to patch I believe the NIMDA or CODE RED worm that attacked SQL servers. Anyway the worm did patch the code on the vulnerable machines it found, but it was a worm nonetheless and its method of propagation no different than the blackhat version. The effect? Thousands of logjammed servers getting DOS flooded by the whitehat version trying to propagate itself.
Aside from the fact of being very illegal, the fact remains that if the people weren't intelligent enough to set a WEP key right off the bat, then how would they know what is going on once their computers that are connected wirelessly suddenly stop connecting to the internet? They will spend a few hours on the phone with tech support until they reset the router back to its default settings of open wireless, and then you will be back to where you started from.
I believe the best solution would be to get rid of WEP immediately (WEP is totally open to bruteforce attacks on its encryption, no matter what the keylength) and either patch WAP (WAP is open to the MICHAEL vulnerability which will shut down the AP if flooded with packets) or come up with a new standard. In the meantime, manufacturers should be required to provide firmware upgrades to WEP-only routers that both require WEP encryption and require the change of password every so often to prevent brute-forcing the keys. Unfortunately, like most critical vulnerabilities, the damage has already been done and it would be very difficult to upgrade even half of the routers out there with built-in WEP because the firmware upgrade would have to be done voluntarily by the end-user. And now we are back to where we started, are we not?  |
|
