Karl Bode
News Guy
join:2000-03-02
Host:
Road Runner
PC gaming GAMES
PC gaming Tech
edit:
July 4th, @02:45PM
| reply to oliphant
Re: Deserved arrest
I think it's wrong if he accesses the person's PC, causes damage, throttles connections, engages in criminal activity etc.
Do I think it wrong if someone drives by a neighborhood, and uses a totally unprotected hotspot to send e-mail? Check stock quotes? Surf? No. Nobody is harmed.
Don't want that? Secure your hotspot.
The idea we'd start prosecuting such cases is utterly idiotic. |
|
oliphant
I Have 8 Boobies
Premium
join:2004-11-26
Corona, CA | Wow...cool.
It's the 4th and my neighbor has a nice pool. Wonder if they would mind me taking a dip and using their BBQ...after all nobody is harmed. |
|
Karl Bode
News Guy
join:2000-03-02 | Physical real world trespass comparisons are stupid and you know it. |
|
oliphant
I Have 8 Boobies
Premium
join:2004-11-26
Corona, CA | And that would be how? No one is harmed in either case. It's an 'intrusion' in either case. We're using stuff that doesn't belong to us without knowledge of the OWNER in either case. I see it as a DIRECT comparison. |
|
Karl Bode
News Guy
join:2000-03-02
Host:
Road Runner
PC gaming GAMES
PC gaming Tech
| quote:
And that would be how? No one is harmed in either case. It's an 'intrusion' in either case. We're using stuff that doesn't belong to us without knowledge of the OWNER in either case. I see it as a DIRECT comparison.
And that's a flaw in logic. Your pool is not sitting open and inviting in the middle of the street. It's probably fenced behind your house to avoid such intrusions. As your hotspot should be. |
|
iamsomeone
@stmarytx.edu
| the pool is "almost" a fair comparison except.... it would be an equal comparison if your pool had a sign on it saying anyone is free to use it and you standing by the sign waving for people to come in. Your pool does not have a setting that can be set to assign leases to all incoming connections or to be "private". AP's can be set either to only allow some connections or to "allow" everything, and assign a "lease" to whichever computers within range. If it's set to assign a lease to whatever is in range, then it makes sense that this would constitute "permission"---- unless there is some sort of security or encryption that the user is "tricking" or "hacking". Security in itself does not change whether it's illegal or not to connect, but if there is security then the user connecting is lying about it's identity which would seem to relate to "obtaining property (service) under false pretenses". |
|
oliphant
I Have 8 Boobies
Premium
join:2004-11-26
Corona, CA
edit:
July 4th, @06:02PM
| So if you leave your door unlocked that is permission for me to enter. That's fine.
An AP is a gate. Encryption is a lock on the gate.
You must actively connect to the AP just as you must open the gate. Neither imply permission to do anything. |
|
BosstonesOwn
join:2002-12-15
Everett, MA
clubs:
 ·Comcast
·Comcast Formerly ..
| said by oliphant  :So if you leave your door unlocked that is permission for me to enter. That's fine. An AP is a gate. Encryption is a lock on the gate. You must actively connect to the AP just as you must open the gate. Neither imply permission to do anything. See you go back to a physical intrusion which is nothing like a broadcast item. You are putting it out to be seen by many. You don't leave a door open and a sign saying come in and take what you want.
--
"It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!" |
|
spenster
join:2001-04-03
Houston, TX
| reply to Karl Bode
quote:
I think it's wrong if he accesses the person's PC, causes damage, throttles connections, engages in criminal activity etc.
Do I think it wrong if someone drives by a neighborhood, and uses a totally unprotected hotspot to send e-mail? Check stock quotes? Surf? No. Nobody is harmed.
Don't want that? Secure your hotspot.
The idea we'd start prosecuting such cases is utterly idiotic.
Hey Karl, does the name Paul Timmins ring a bell? All he did was use an open access point to check his email at Lowes and once they contacted the FBI, he was charged with one count of unauthorized computer access. |
|
SometimeWarDriver
@146.148.x.x
| reply to oliphant
Let's try another analogy. You're driving down a country road and you miss your turn. You need to turn around. From Driver's Ed, you remember that the safe, legal way to turn around is to back into a driveway on your right, then turn left onto the road. So you do just that. In effect, you use someone's private property without their permission in order to get or enhance your access to the public network of roads. Did you commit criminal trespass? Maybe so, in a technical, legalistic sense. Could you be prosecuted for it? Maybe if you were a bank robber and did this in the course of trying to make your getaway. But if using someone's driveway to turn around were your only offense, any attempt to prosecute you would be laughed out of court. (It would be different, mind you, if the owner had put up signs at the end of his driveway saying "POSTED - NO TRESPASSING - DON'T EVEN THINK ABOUT TURNING AROUND HERE!")
Here's another. We're at a picnic in the park. You have a bottle of soda. I've gone on a hike and left a bottle opener on my cooler. You borrow my opener, without my permission, to open your drink. I return just in time to catch you in the act and I accuse you of theft. Am I acting reasonably?
One more. I work in an office where pads and pencils are not provided. Employees are expected to bring their own Post-Its and Bics. I go to visit a coworker in his cubicle but he isn't there. Am I behaving acceptably if I pick up his pen and write him a note on a piece of his paper, or does that constitute theft of his office supplies?
Fact is, people use each other's property all the time, often without explicit permission. Where do you draw the line between reasonable borrowing and criminal theft? |
|
wifi sucks
@verizon.net
| reply to spenster
said by "spenster":
Hey Karl, does the name Paul Timmins ring a bell? All he did was use an open access point to check his email at Lowes and once they contacted the FBI, he was charged with one count of unauthorized computer access.
He should have used the defense, "Windows XP made me do it" - referring of course to the fact that the WZC wizard automagically seeks out and assocates with the wireless AP with the strongest signal, to connect to the internet. He could have said, "Hey, I just opened my laptop, and it had an internet signal, so I decided to check my e-mail. I had no idea who was providing that signal."
At least that would have provided a fairly simple-to-understand and sensible defense. That wouldn't apply though, should it have been proven if he was trying to "hack Lowes" wirelessly though. (Was he? I hadn't heard about that case.)
WiFi was more or less originally designed for "open" access, much like ethernet, and then components of the protocol were provided to create private spaces, namely the use of encryption. If the owners of the AP didn't use it, then that should really be their fault, IMHO.
I mean, what happens, when everyone and their brother starts to provide "free WiFi internet access", and there are several stores nearby (say, at a mall), that provide such a feature, along with some stores that do not, but also use WiFi for (private) purposes, but (negligently) lacking encryption. Combine that with things like WZC, and you've got a lawyer / prosecuting attorney field day, quite frankly. What a mess. The sensible thing to do is, consider the issues of: 1) intent, and 2) notification.
For example, in this state IIRC, you cannot *prosecute*, at least not criminally, trespassing, on your land, unless it is "posted" with clear notice. Sure, the landowner can call the cops to have you escorted off of the property, but they don't necessarily have the ability to prosecute it as a crime, unless they clearly stated "no trespassing" - in that case, then being on the property without authorization would indeed constitute clear proof of "intent to trespass".
Without clear notice, there is no clear intent, and thus no real case for criminal prosecution. That same standard should be used for wireless APs connected to the internet, IMHO. All APs, should have an initial sign-on page, should common internet protocols be used to access the AP, from a previously-unknown MAC address. That sign-on page should clearly state whether or not the access that was being provided by that AP was for public or private usage only, and then either block the MAC address, or allow it, perhaps for a limited time / bandwidth quota only, after perhaps providing some identification details.
The consumer wireless AP providers really need to "step up to the plate" here, and offer something like that, although I think I recall that some entity was claiming patent rights on that sort of initial-contact hotspot sign-up page idea. If that's true, then that's too bad, seems like an "obvious" invention to me. (If visitor is unidentified, tell them "halt", and force them to identify themselves before allowing access. Standard access-control protocol, since the middle ages even!) |
|
wifi sucks
@verizon.net
| reply to SometimeWarDriver
said by "SometimeWarDriver":
Maybe if you were a bank robber and did this in the course of trying to make your getaway. But if using someone's driveway to turn around were your only offense, any attempt to prosecute you would be laughed out of court. (It would be different, mind you, if the owner had put up signs at the end of his driveway saying "POSTED - NO TRESPASSING - DON'T EVEN THINK ABOUT TURNING AROUND HERE!")
Thank you, excellent example. Again, people - "notice", and "intent". Those are really the key issues here. The wireless AP mfgs need to implement a mean to provide clear notice, and they need to do it *stat*, or there are going to be more of these annoying and hap-hazardly prosecuted cases, further muddying the legal issues involved. |
|
