how-to block ads
|
wifi sucks
@verizon.net
| reply to BosstonesOwn
Re: Deserved arrest
said by "BosstonesOwn":
Then when the router broadcasts it is trying to access my computer since each AP is aware of it's surrounding systems and Yes they do try and handshake. So that equipment is in violation of the law also.
That's a good point, and that gives me a good idea on how to solve the "unprotected WiFi AP problem" - simply drive around, "reverse wardriving" - have a client PC set up, and log how many APs broadcast their SSIDs or otherwise attempt to handshake with my client. (Could also use a WDS-capable router wired to the laptop, for varieties' sake, I guess.)
The idea being, that all of these homeowners with unsecured WiFi APs, are GUILTY of "unauthorized access" to my client PC with wireless NIC. (It shouldn't matter legally that it happens to be travelling - it is in my vehicle, which is my personal property.)
Ok, honestly, I doubt that it would stick, but it *could* get people to "think twice" about the overly-broad mis-application of those "computer trespass" statutes.
We need to have a "WiFi awareness month" or something, perhaps some month in the summer. The idea is, that knowledgable geeks in the local community would volunteer their services and mostly technical knowledge, and help those that came forward with questions about WiFi technology and deploying and securing it. (Plus, it could prove profitable should those geeks also offer their installation / configuration services privately on the side too.  )
Perhaps DSLR / BBR would consider spearheading some sort of effort in that direction? I wouldn't be surprised if Linksys and Intel might get behind it too, perhaps with some free promotion or donations or something. Could be interesting.
But the only problem is, the technology in this space is still evolving at a rapid pace, WEP, WPA, WPA2, 802.11b, .11g, and now MIMO, etc. I wonder if one month a year would be "good enough"... but at least there should be some sort of "awareness day", kind of like how people check their smoke alarms twice a year - they should check their WiFi installation / security / technology as well. | |
wifi sucks
@verizon.net
| reply to SometimeWarDriver
said by "SometimeWarDriver":
Maybe if you were a bank robber and did this in the course of trying to make your getaway. But if using someone's driveway to turn around were your only offense, any attempt to prosecute you would be laughed out of court. (It would be different, mind you, if the owner had put up signs at the end of his driveway saying "POSTED - NO TRESPASSING - DON'T EVEN THINK ABOUT TURNING AROUND HERE!")
Thank you, excellent example. Again, people - "notice", and "intent". Those are really the key issues here. The wireless AP mfgs need to implement a mean to provide clear notice, and they need to do it *stat*, or there are going to be more of these annoying and hap-hazardly prosecuted cases, further muddying the legal issues involved. | |
wifi sucks
@verizon.net
| reply to spenster
said by "spenster":
Hey Karl, does the name Paul Timmins ring a bell? All he did was use an open access point to check his email at Lowes and once they contacted the FBI, he was charged with one count of unauthorized computer access.
He should have used the defense, "Windows XP made me do it" - referring of course to the fact that the WZC wizard automagically seeks out and assocates with the wireless AP with the strongest signal, to connect to the internet. He could have said, "Hey, I just opened my laptop, and it had an internet signal, so I decided to check my e-mail. I had no idea who was providing that signal."
At least that would have provided a fairly simple-to-understand and sensible defense. That wouldn't apply though, should it have been proven if he was trying to "hack Lowes" wirelessly though. (Was he? I hadn't heard about that case.)
WiFi was more or less originally designed for "open" access, much like ethernet, and then components of the protocol were provided to create private spaces, namely the use of encryption. If the owners of the AP didn't use it, then that should really be their fault, IMHO.
I mean, what happens, when everyone and their brother starts to provide "free WiFi internet access", and there are several stores nearby (say, at a mall), that provide such a feature, along with some stores that do not, but also use WiFi for (private) purposes, but (negligently) lacking encryption. Combine that with things like WZC, and you've got a lawyer / prosecuting attorney field day, quite frankly. What a mess. The sensible thing to do is, consider the issues of: 1) intent, and 2) notification.
For example, in this state IIRC, you cannot *prosecute*, at least not criminally, trespassing, on your land, unless it is "posted" with clear notice. Sure, the landowner can call the cops to have you escorted off of the property, but they don't necessarily have the ability to prosecute it as a crime, unless they clearly stated "no trespassing" - in that case, then being on the property without authorization would indeed constitute clear proof of "intent to trespass".
Without clear notice, there is no clear intent, and thus no real case for criminal prosecution. That same standard should be used for wireless APs connected to the internet, IMHO. All APs, should have an initial sign-on page, should common internet protocols be used to access the AP, from a previously-unknown MAC address. That sign-on page should clearly state whether or not the access that was being provided by that AP was for public or private usage only, and then either block the MAC address, or allow it, perhaps for a limited time / bandwidth quota only, after perhaps providing some identification details.
The consumer wireless AP providers really need to "step up to the plate" here, and offer something like that, although I think I recall that some entity was claiming patent rights on that sort of initial-contact hotspot sign-up page idea. If that's true, then that's too bad, seems like an "obvious" invention to me. (If visitor is unidentified, tell them "halt", and force them to identify themselves before allowing access. Standard access-control protocol, since the middle ages even!) | |
wifi sucks
@verizon.net
| reply to BVT
said by "BluVeiner":
That subsection & the courts interpretation is very dangerous. Anyone could file a complaint against anyone that accessed their system. It is way to broad. Wait until BestBuy starts claiming break-ins on their computer because someone has accessed it to compare prices. There are numerous price comparison websites that will fall under this law if a company tries to pursue it.
The interpretation, in effect, outlaws the internet.
Wow, yours is the first post here that really "gets it". IMHO, your logical conclusion as to this interpretation of the law is indeed what would effectively happen. It would give web sites the power to arbitrarily start filing "computer trespass" charges against various parties simply for accessing their publically-accessable web sites, should they so choose to throw their weight around.
Although it might be difficult for a court to be able to understand this - the technical protocol used, allows for the (physical) property owner to implement access-control *if they so choose*, but if they do not, then the protocol defaults to "public" access.
For another example, consider a post-office box. Could someone file "trespass" or "theft of service" charges, if an unwanted party mailed them a letter to their post-office box? Why or why not? After all, it's private property, they're paying for it, and unwanted mail takes up space in their box - shouldn't other parties have to obtain proper legal authorization first before using it? What? You mean to tell me that the "postal protocol", allows anyone to mail letters, to any postal box? Why, that's outrageous! I bet most P.O. box holders don't even know that those boxes default to an open, public, "allow" protocol... that should be changed! | |
SometimeWarDriver
@146.148.x.x
| reply to oliphant
Let's try another analogy. You're driving down a country road and you miss your turn. You need to turn around. From Driver's Ed, you remember that the safe, legal way to turn around is to back into a driveway on your right, then turn left onto the road. So you do just that. In effect, you use someone's private property without their permission in order to get or enhance your access to the public network of roads. Did you commit criminal trespass? Maybe so, in a technical, legalistic sense. Could you be prosecuted for it? Maybe if you were a bank robber and did this in the course of trying to make your getaway. But if using someone's driveway to turn around were your only offense, any attempt to prosecute you would be laughed out of court. (It would be different, mind you, if the owner had put up signs at the end of his driveway saying "POSTED - NO TRESPASSING - DON'T EVEN THINK ABOUT TURNING AROUND HERE!")
Here's another. We're at a picnic in the park. You have a bottle of soda. I've gone on a hike and left a bottle opener on my cooler. You borrow my opener, without my permission, to open your drink. I return just in time to catch you in the act and I accuse you of theft. Am I acting reasonably?
One more. I work in an office where pads and pencils are not provided. Employees are expected to bring their own Post-Its and Bics. I go to visit a coworker in his cubicle but he isn't there. Am I behaving acceptably if I pick up his pen and write him a note on a piece of his paper, or does that constitute theft of his office supplies?
Fact is, people use each other's property all the time, often without explicit permission. Where do you draw the line between reasonable borrowing and criminal theft? | |
lucky644
Premium
join:2002-02-04
| reply to 93254336
said by 93254336  :said by TKJunkMail :This guy deserved to be arrested. He knew he wasn't getting access from a legitimate free hotspot. While his intentions may not be known for sure, he surely wasn't just trying to get free internet access. More than likely he was trying to steal information. Just because the homeowner had an unsecured AP, it doesn't make what this guy did legal. Try him in court, fine him, and confiscate all his computer and network equipment. And then put him on probation where if he gets caught again he goes to jail. I agree. Attempting to access wireless networks without permission is no different than going through a neighborhood and trying the front doors of all the houses to see which ones are unlocked. An unlocked door is not an implicit invitation to enter and take what you want. - Dan Ridiculious analogy, using someones internet that they're broadcasting is far different from actually entering someones HOME without permission. | |
RJ44
join:2001-10-19
Nashville, TN
| reply to Dragasoni
said by Dragasoni :You "older" folks with your "morals" sound really stupid, you need to adapt to the year 2005. -Dragasoni- Wow, I must be stupid. I didn't realize morality had a time limit.
RJ | |
oliphant
I Have 8 Boobies
Premium
join:2004-11-26
Corona, CA | reply to BosstonesOwn
If I don't see an obvious owner yeah. It's not mine. It could have fallen out of the pocket of someone just a minute before and they're on their way back for it. I don't follow the principle (or lack thereof) of finders keepers, losers weepers. | |
boog
Premium
join:2000-07-24
Trenton, OH
| reply to LinuxJunkie
said by LinuxJunkie :But it contains no hard drive so therefore it contains no pertinent, private or valuable data. If you were to connect to my AP it would have to ask my linux box for an ip address, it has a hard drive. The linux box is also the dns server, which is handed out in the dhcp request. I would say that would be "connecting" to my computer.
Even with that said, I still have to feel that if they didn't try to lock it down in any way, they must not care that anyone connects to it. I believe that AP's and wireless routers come with directions, and it says in there that if you don't encrypt or at least mac filter, that anyone can connect and possibly steal your info.
I for one do care and I lock mine down.
Am I a hypocrite? I'm sure it can be twisted to look like I am. | |
Sodium
Premium
join:2003-12-02
Rice Lake, WI
| reply to LinuxJunkie
said by LinuxJunkie :But it contains no hard drive so therefore it contains no pertinent, private or valuable data. Nice try with the spin, however. Furthermore, that law says "any computer connected to the Internet" -- what about computers that are simply on a closed LAN that happens to have a wireless connection? No Internet connection there so that law wouldn't even apply in that case. My LinkSys WRT54GS has the CPU, Memory, etc. mentioned as well as 8M of Flash memory and a version of Linux compiled for the custom Broadcom CPU.
I have logging enabled on my router, which *could* contain private/valuable information stored in the Flash memory - i.e. private MAC addresses, who's been on my network, etc. I would consider the Flash memory a form of hard drive in that the memory is non-volatile.
I have to agree with you about the closed LAN thing though, in general. The problem is the only way to really know if it's a closed LAN or if it's connected to the internet is if you connect to the AP itself.
Boy, I would really hate to be a lawyer in the Information Age.  | |
Sodium
Premium
join:2003-12-02
Rice Lake, WI
|  reply to BosstonesOwn
said by BosstonesOwn :Radio , TV thinks like that equate to it. Not quite. Radio and TV signals are "passive", meaning they require no response from you to deliver the product. When you listen to your radio or watch TV, you are analyzing radio waves that are passing through the Rx antenna. I.e. you don't need to send a signal to the TV station to let them know you want to change channels, you just hop to the next frequency band that corresponds to the next channel to want to view.
WiFi is an "active" signal, meaning it needs a response from the user to deliver its intended product. You need to send packets to the AP to tell it to route you to google.com or to the proper drive on the home media server on your LAN, for examples.
Therefore, your argument of just using what's already passing through the air is null. In order to use the connection, you would have to knowingly respond to the AP to make the proper requests, and therefore knowingly be making access to the user's network without their permission (which is illegal).
I don't understand your comment about bandwidth being "not metered", either. My connection bogs down with just 3 people using it at once (only 512kbps  ). I call it illegal if someone uses my connection without my permission because it is a service that I am paying for, just like phone service, cable/satellite TV, electricity, etc. It's called "theft of service". I see you are a Comcast cable user. Try uncapping your modem to get 50mbps for a day and you will find out what I'm talking about. | |
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| reply to TKJunkMail
said by TKJunkMail :This guy deserved to be arrested. He knew he wasn't getting access from a legitimate free hotspot. There are literally hundreds of thousands of people who do the same thing, albeit unknowingly.
Person A has a Linksys AP in it's default state. Person B buys a Linksys AP for his own usage. Person B plugs everything in, sees two APs with SSIDs of "linksys" in his WZC window, and connects to one or the other randomly.
Is he a felon? I've seen it happen all the time.
Besides, the guy in this story was a complete idiot to act suspiciously. People knowingly connect to other people's APs all the time and never get caught. The fact of the matter is that the people who sit and have their APs used for free browsing (and thus have everything in their default state) don't have the logs to prove that it ever happened. At most, they'll have an entry on the DHCP lease page of their router, which is easily cleared before disconnecting.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn
iPod Shuffle=iPos
I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 6200+ | |
rodoke
join:2003-10-28
Carbondale, IL
2 edits | reply to oliphant
said by oliphant :Love that partisan closed-mind policy there Karl? It's that twisted logic of everything being the fault of the "liberals" or the "conservatives" that has crazy activist judges saying it's the rape victims' fault they got raped because they voted wrong in the last election. Stupidity is asking to be victimized...especially by nerds and powerbooks. It's too much to expect people to <cartman>respect others' PROPERTY</cartman>. I won't understand this simple concept until I'm defrauded or framed. There. I fixed it for you. | |
DaDogs
Semper Vigilantis
Premium
join:2004-02-28
Deltaville, VA
| reply to Dragasoni
said by Dragasoni :You "older" folks with your "morals" sound really stupid, you need to adapt to the year 2005. -Dragasoni- Hmmm ...
--
Need a bit more range? WWW.FREEANTENNAS.COMNeed a bit more privacy? WWW.FREEANTENNAS.COMNeed a bit more speed? WWW.FREEANTENNAS.COM | |
spenster
join:2001-04-03
Houston, TX
| reply to Karl Bode
quote:
I think it's wrong if he accesses the person's PC, causes damage, throttles connections, engages in criminal activity etc.
Do I think it wrong if someone drives by a neighborhood, and uses a totally unprotected hotspot to send e-mail? Check stock quotes? Surf? No. Nobody is harmed.
Don't want that? Secure your hotspot.
The idea we'd start prosecuting such cases is utterly idiotic.
Hey Karl, does the name Paul Timmins ring a bell? All he did was use an open access point to check his email at Lowes and once they contacted the FBI, he was charged with one count of unauthorized computer access. | |
BosstonesOwn
join:2002-12-15
Everett, MA
clubs:
 ·Comcast
| reply to oliphant
said by oliphant :What if it's a $1000 calculator? The fact that you returned it doesn't negate the fact that you didn't have a right to touch it. So you're cool if people 'borrow' your car without your knowledge or permission so long as they bring it back? So by your meanings if you found an ipod in the street and no one was around to lay claim you would leave it there and keep walking?
If so Now I have an idea why you are so against this. You lost an ipod and couldn't find it.
--
"It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!" | |
BosstonesOwn
join:2002-12-15
Everett, MA
clubs:
·Comcast
| reply to oliphant
said by oliphant :So if you leave your door unlocked that is permission for me to enter. That's fine. An AP is a gate. Encryption is a lock on the gate. You must actively connect to the AP just as you must open the gate. Neither imply permission to do anything. See you go back to a physical intrusion which is nothing like a broadcast item. You are putting it out to be seen by many. You don't leave a door open and a sign saying come in and take what you want.
--
"It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!" | |
BosstonesOwn
join:2002-12-15
Everett, MA
clubs:
·Comcast
| reply to oliphant
said by oliphant :It's wouldn't occur to you that it's just wrong would it? Then when the router broadcasts it is trying to access my computer since each AP is aware of it's surrounding systems and Yes they do try and handshake. So that equipment is in violation of the law also. Come on man make some common sense approaches and don't try and blanket a law to fit all the issues at hand.
That is why america is horrible at the moment lawyers try to use laws to blanket everything. That is why every one is sue happy and every insurance rate is going sky high.
--
"It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!" | |
iamsomeone
@rr.com
| reply to oliphant
wow from most of your comments you seem intelligent but here maybe you neglected to read what you replied to..... i said the right or wrong of taking the calculator was NOT in dispute. taking the calculator is wrong, taking the calculator is stealing. taking the calculator is NOT a third degree felony but the calculator IS a computer (in the same way that an AP is... even more so if it's a nice one like a TI-89) so by the definition that accessing a computer(if an AP falls under the definition of a computer) is a third degree felony then taking the calculator would be a third degree felony.
no, the fact that the calculator was returned does NOT negate the fact that the other person did not have a right to touch it.
no, i'm not cool if people 'borrow my car without my knowledge or permission so long as they bring it back.
(and FYI also no, i do not condone wardriving to use open WIFIs. but whether something is right or wrong does not always mean it is or should be legal/illegal -- or, more relevantly, whether it is or should be interpreted as legal/illegal when there is no legislation pertaining specifically to the actions in question) | |
oliphant
I Have 8 Boobies
Premium
join:2004-11-26
Corona, CA
1 edit | reply to iamsomeone
What if it's a $1000 calculator? The fact that you returned it doesn't negate the fact that you didn't have a right to touch it.
So you're cool if people 'borrow' your car without your knowledge or permission so long as they bring it back? | |
|
