Judge Rules Sniffing Open Wi-Fi Networks Is Not Wiretapping 308
An anonymous reader writes "Ars reports on a decision from a district judge in Illinois, who ruled that sniffing traffic on an unencrypted Wi-Fi network is not wiretapping. In the ruling, the judge points out an exception in the Wiretap Act which allows people to 'intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public.' He concludes that 'the communications sent on an unencrypted Wi-Fi network are readily available to the general public.' Orin Kerr disagrees with the ruling, saying that the intent of the person setting up the network is important: 'No one suggests that unsecured wireless networks are set up with the goal that everyone on the network would be free to read the private communications of others.'"
I agree (Score:5, Insightful)
It's wireless tapping... D'oh.
Odd... (Score:3, Insightful)
...because listening to unencrypted cellphones is illegal.
I think that the difference between your conversations and pizza ordering on an analog transmission and on a digital one WRT 4th amendment protection should be zero.
Re: (Score:3)
Re:Odd... (Score:4, Insightful)
I'm not sure where that is in the 4th amendment.
Even so... I think most people *do* have an expectation of privacy when they're receiving and sending email, surfing the net, etc. We -- as technical types -- may be very cynical about just how naive that expectation is, and particularly so if you incorporate an awareness of all the government "finessing" of 4th amendment issues, but my feeling is that the average person would be quite startled if you walked up to them and told them you knew what they'd sent via email the previous evening.
Re:Odd... (Score:5, Insightful)
With enough ignorance, you can have an expectation of anything in any situation at all. The intent of "expectation of privacy" is that it's to a reasonably informed person, not to someone who is wholly ignorant of the topic.
I might have an expectation that I could step into an operating theatre and perform a successful heart transplant. I mean, how hard can it be? But that is based on my own ignorance, and has nothing to do with reality. The "expectation of privacy" clause should be interpreted in the context, "... by those who have some notion of reality", or it's completely meaningless, because ignorance knows no bounds.
Re:Odd... (Score:5, Insightful)
I don't think that follows. I don't know what happens to my letters after I give them to the post office; but I still expect they won't be read by the government without a warrant.
When my mother in law picks up the phone, she doesn't know any of the details of how her voice goes down that wire, or is switched, or amplified, put on microwaves, etc... but she still doesn't think anyone from the government has any business at all listening without a warrant.
Our expectations of privacy from government intrusion aren't set by specific technical processes; they are set by the 4th amendment.
Furthermore, I'm convinced that is exactly how they should be set. It's more than a little far-reaching to say that the only valid expectations require a technical understanding of the process involved.
Re: (Score:2)
Your letters are in an envelope. Think "post cards" instead.
EVERYONE assumes those are read by postal employees. It is ingrained in our culture and was a casual joke used in many TV sitcoms that had post offices in them.
Hell, even one of the Infocom games featured a reference to it!
Re:Odd... (Score:4, Interesting)
My letters are indeed in an envelope; so are my internet communications. Several levels of envelope, in fact. An email package addressed to the recipient on the one hand, and packets containing the data as well. In fact, it's a lot easier for the average person to open the physical envelope and read my mail as compared to intercepting my email.
Again, you're confusing hardening of the boundary with the existence of the boundary. The government is forbidden to access our personal information without a warrant. There's no exception in the 4th amendment that says "unless it's easy."
An open door to your house doesn't automatically turn into "you can come in and do whatever you want."
The whole point of the 4th amendment is to set the boundary for the government. It's not about technical means, it's not about easy, it's not about expectations: It's about the government having to comply with a specific process in order to be able to look at your stuff.
Re:Odd... (Score:4, Insightful)
I disagree with your characterization.
Your internet communications are NOT in several layers of an envelope. They are like post cards, with several rows of addresses. There is no envelope. Everything is written on the outside. They are shouted to the world on open WiFi. Well...at least to the part of the world within radio reception.
I understand what you're saying about the 4th Amendment, but I can easily imagine a gov't agent back in the 1700s following a couple of people and listening as they have a discussion in public.
In all honesty, this is why I advocated WEP -- yes, WEP -- to people who couldn't use WPA. It was, from a legal perspective, a clean signal that my intent was the contents of the transmission were private.
Think of it like an interior, locked door. One of those cheap, hollow doors with a lock you can twist open if you try. The point of the door isn't to keep you out, but to let you know "you aren't supposed to be here unless invited in".
Damn well activate WEP and use the password "abcdabcd" or some such.
This is why my SSID at home is "private_keep_out" and why "No Trespassing" signs are needed.
I think this one falls squarely under the "plain view" doctrine.
Re:Odd... (Score:5, Informative)
"I understand what you're saying about the 4th Amendment, but I can easily imagine a gov't agent back in the 1700s following a couple of people and listening as they have a discussion in public."
You still aren't getting it. When you have a conversation in public there is no reasonable expectation of privacy. Anyone can hear you. When you have a telephone conversation, however, it takes special effort and equipment to listen to your conversation. So it is rather reasonable to expect your conversation to be private. Whether it is a cell phone or land line. (All cell phone traffic is "encapsulated" in packets even when it is not encrypted).
And so is WiFi traffic. While your WiFi might be open, and so it is easy for anyone to detect it or use it (anybody can see you using your cell phone, or borrow it if you let them), actually determining the contents of the communication (i.e., both sides of the "conversation") is another matter. Even your typical sniffer won't do that. It might record those contents but making sense of it takes further work.
So, what it boils down to is that telephone calls and internet traffic are not like public conversations. It takes special effort and tools to intercept those communications. That leads straight to a "reasonable expectation of privacy".
Further, there are already Federal laws against law enforcement using any electronic means to determine any activity in your household that is not readily visible from the outside. Internet use would certainly fall into that category of activity. So this judge's ruling would likely lead to a perverse (but not unheard of) situation in which a regular citizen could intercept communications legally but law enforcement could not.
Re: (Score:2)
And your arguments aren't really on target.
*Lending* someone a cell phone is not that same thing, since you don't have to lend anyone wifi equipment.
And as far as activity in the household not readily visible from outside...that is the point. Wifi is readily available outside the home. I can stand in the public street and pick up most signals.
You are broadcasting an open radio signal that reaches into public space. Sitting in that public space and LISTENING to it is, as far as I'm concerned (and I'm a paran
Re: (Score:3)
It takes "special methods" to open most doors, you have to learn how to turn the knob or push the release lever. Just because internet communications are more complex, doesn't mean they are any less open than an unlocked door. For that matter, reading is a whole special skill required to understand written communication, takes years of learning - probably longer than it would take your average college grad to Google up the tools required to listen in on an open WiFi and start scraping out private communic
Re: (Score:3)
Just because you think it takes "special equipment" doesn't make it so. Just about any computer can listen in on WiFi traffic easily, with no special equipment and just a couple of mouse clicks. Likewise, traditionally, analog cell phone conversations didn't require special equipment to listen to, many receivers could receive it. To prevent reception of analog cell phone conversations, many manufacturers had to add extra hardware to their radios.
Anything you broadcast on the public airwaves should be the
Re: (Score:3)
"*Lending* someone a cell phone is not that same thing, since you don't have to lend anyone wifi equipment."
You are lending them the use of it. You are *allowing* them to use it. You are splitting hairs here that are so fine they may not exist.
"Wifi is readily available outside the home. I can stand in the public street and pick up most signals."
No, you are still missing the point. The signal is readily available... but the contents of those signals are not readily available. It takes special knowledge and equipment to intercept those signals. Sure, those things are: an adapter that can be put into monitor mode, and some sniffing software. Easy to get if you know what you're doing. But the whole point here is that
Re: (Score:3)
"If you want privacy, you must at least close your door or even your curtains."
That's a very good analogy. Because in order to intercept someone's wifi communications, you need the technical knowledge and equipment, and to make a deliberate effort to do so. And you call that "public".
By the very same logic, I can say that I could use my special knowledge and some lockpicks, and pick your door lock in only a couple of minutes.
Should I then consider your living room to be "public"?
Re: (Score:3)
The lock is a method of keeping people out, like ENCRYPTION. A plain signal radio broadcast is not. The signal is in public space. This is why satellite providers ENCRYPT their signals.
LISTENING to a radio signal ON PUBLIC PROPERTY is not the same as ENTERING a private house.
Re: (Score:2)
"Err, no, it requires much more knowledge, intent and work to tap a phone line. To "invade your privacy" over wi-fi all you need is a run-of-the-mill adapter and "Automatically connect to public networks" setting."
That's not even remotely true. My wifi is open, but my network is not.
Anybody can connect to my wifi and get on the Internet. But they can't get into the computers in my home from there.
So your case is very different. If I left my hard drives on an open network that anybody could access just by connecting, I would not have any "reasonable expectation of privacy" either. But that's not what this is about. This is about intercepting internet communications over wifi. In other words, see what web pages I
Re: (Score:2)
"The signal is in public space. This is why satellite providers ENCRYPT their signals."
That is only HALF of the issue here. No, that is not why they encrypt their signals. Not directly, anyway.
If a satellite company does not intend for a channel to be public (i.e., it is supposed to be subscription-only), then it is illegal to intercept that channel and watch it if you haven't paid. Even if they are NOT encrypted.
They encrypt their signals because they found that the law was not enough, and people "stole" their transmissions anyway. But the point here is
Re: (Score:2)
By your logic, if someone has a public conversation in Chinese, it should be illegal to listen to them since proficiency in the Chinese language is "special knowledge".
If you chose to send your personal information via Wi-Fi, cell phone, or other radio signal, you are sending that information as far as the signal will carry it to whomever is in range. If you were having a loud argument in your apartment, would you expect your neighbors to not listen in? If you send your personal information through someon
Re: (Score:3)
No, it is not nor was it EVER illegal to receive an in-the-clear satellite broadcast if you didn't subscribe. This is why "pay" channels were scrambled early on (hello HBO). This is why people used the big dishes (C-band). All the main feeds were unencrypted and available for the taking. The broadcasters had no legal recourse for in-the-clear broadcasts.
The airwaves belong to the public. While they are managed by the gov't to prevent chaos, if it is broadcast in the open it is fully legal to receive.
This is
Re: (Score:2)
Re: (Score:2)
An open door to your house doesn't automatically turn into "you can come in and do whatever you want."
that is a good capsule summary. quotable, even.
similarly, people *could* sit out front of every street corner and watch as cars go by and record their license plates. we were saved this intrusion, years ago, because it was not technically possible (manpower limits). now, the scanning does not need manpower. every plate could be scanned at every street corner, across the globe. is this really the societ
Re: (Score:2)
You can certainly put your email in an "envelope" that would indicate your intention to keep them private. A good way of doing this would be to encode them, such as with PGP. Sending them in plaintext, on the other hand, which can be read by any system administrator between you and the destination, argues that you have no serious concern about keeping them private.
Re: (Score:2)
>>>I don't know what happens to my letters after I give them to the post office; but I still expect they won't be read by the government without a warrant.
That don't need a warrant. I've had a few of my letters & packages opened and resealed. Once the item leaves your hand it's no longer protected from government spying.
Re: (Score:2)
Your mail is protected. That the government violate those protections, I won't contest. But it certainly is protected. The 4th doesn't say that your papers must be in your possession. It just explicitly establishes your right for your papers to be secure.
Re: (Score:3)
"That don't need a warrant. I've had a few of my letters & packages opened and resealed. Once the item leaves your hand it's no longer protected from government spying."
Yes, they do. Whether they actually get one is another matter (we know the government has broken the law at times), but legally they need either a warrant or probable cause.
Re: (Score:2)
Exactly. There are many who, having more technical knowledge than the average citizen, say there can be no reasonable expectation of privacy in an unencrypted transmission. It happens that I know of a neat little trick for reading papyri from late antiquity period without unrolling (i.e. destroying) them. It's called x-ray tomography (CT). Because I have this little bit of technical knowledge, I also know that letters can be read without opening them. Were we to follow this "reasonably informed person" line
Re: (Score:2)
Our law is supposed to be based on actions and beliefs of the theoretical reasonable, common man (person). Those with technical knowledge beyond the norm are not the standard to judge by.
Because it takes knowledge, equipment, and effort beyond the "common" to intercept the contents of wifi traffic, or a cell phone call, or a land telephone call, we have good reason to expect those communications to be private.
Re:Odd... (Score:4, Insightful)
Access to my open wifi is intended to be public. My own communications that go through it are not intended to be public.
I think the judge erred in not distinguishing between the signals themselves and the communication content of those signals.
Re: (Score:2)
Our expectations of privacy from government intrusion aren't set by specific technical processes; they are set by the 4th amendment.
You are saying that the 4A protects us where we have a reasonable expectation of privacy but then that REP is set by the contours of the 4A. That's circular.
Here's a good overview [ssrn.com] of the way the Supreme Court has expanded and operationalized the test for REP:
The Fourth Amendment protects reasonable expectations of privacy, but the Supreme Court has refused to provide a consistent explanation for what makes an expectation of privacy reasonable. The Court's refusal has disappointed scholars and frustrated students for four decades. This article explains why the Supreme Court cannot provide an answer: No one test can accurately and consistently distinguish less troublesome police practices that do not require Fourth Amendment oversight from more troublesome police practices that are reasonable only if the police have a warrant or compelling circumstances. Instead of endorsing one single approach, the Supreme Court uses four different tests at the same time.
Re: (Score:3)
When my mother in law picks up the phone, she doesn't know any of the details of how her voice goes down that wire, or is switched, or amplified, put on microwaves, etc... but she still doesn't think anyone from the government has any business at all listening without a warrant.
The difference is that your grandmother did not net up the wireless hub and she did not select that phone line from a number of available ones (even though it was not encrypted). A standard phone line is not"readily accessible to the general public". It requires physically tapping into the lines.
Intent is meaningless in privacy issues. I could stand at a corner shouting down the street with the intent of my friend hearing. The fact that everyone else can hear it too is irrelevant to my intent. If one's inte
Re: (Score:2)
Re: (Score:2)
Mmmm.... maybe. But generally, just as the government can't read your mail; neither can a private citizen. Just as the government can't tap your cellphone or landline, neither can a private citizen. Just as the government can't arbitrarily enter your home, neither can the private citizen. I think the social standard is clear.
Quite aside from that, this isn't about sharing an open network by establishing your own communications to the net at large; it's about sniffing other people's packets on that network w
Re: (Score:2)
When we understand how something works, it often seems reasonable to think everybody should understand it. But to the majority who feels no need to learn its inner workings, it seems reasonable to just use it and spend their time on what they care about.
So like many things legal or linguistic, we need a clear definition for "reasonable." I suspect there is no objective algorithmic or even legal test for it. If there is one, I'd love to learn it.
Re: (Score:3)
At a high level, my cell phone transmits calls no differently than my computer transmits emails - in both cases, the contents of the communication is sent unencrypted through multiple routers I do not control. Anyone with the equipment and the know-how could intercept both. However, somehow one form is protected and the other is not.
I always found it odd that this "expectation of privacy" that allows the government to snoop on certain communications is defined by whether or not the government is already k
Re: (Score:2)
Fine, there's a provision for just that. The procedure is in article five [usconstitution.net]. Have at it.
Re: (Score:2)
Funny, I read your link but all I saw was instructions for granting the government permission to read my email.
Re: (Score:2)
I think most people *do* have an expectation of privacy when they're receiving and sending email, surfing the net, etc.
They may have an expectation of privacy, but what matters is a reasonable expectation of privacy.
Re: (Score:2)
Re: (Score:2)
And I still don't get why you aren't allowed to grab cell phones that are unencrypted but are allowed to grab laptops..what's the diff?
You're absolutely right. It should be completely legal to intercept cell phone signals that are broadcast in the clear. This will promote actual encryption of cell phone signals, which is better than legal protection in any case. It doesn't matter whether it's legal or illegal to eavesdrop on my phone if it's impossible.
Re: (Score:2)
So I spent an entire day configuring my wifi access ponit such that it was publicly accessible when I got my new internet service (pain in the ass with Verizon's router/modems -- like playing whac-a-mole; disable one type of security and it turns on another!) and you're saying it should be illegal for anyone to actually make use of that? That's the problem -- the counter-argument to this decision seems to be that intent is all that matters, but you can't possibly know that intent! Cellphones are different -
Re: (Score:2)
Also, wifi doesn't work if you can't receive open signals from others. I mean, what you are proposing would be to make it illegal for a computer to scan for wifi networks. No network could broadcast it's SSID -- or, more accurately, it COULD but it would be illegal for anyone to receive that packet...so there would be no point. That would break a lot of things. No more walking into Panera or Starbucks or a hotel and connecting right to their network -- you'd have to get the network information off of some p
Re: (Score:2)
I think that the difference between your conversations and pizza ordering on an analog transmission and on a digital one WRT 4th amendment protection should be zero.
Because you have an expectation of privacy
The problem is that the law gave the illusion of privacy for cell phone calls rather than actual privacy - scanners that can listen to analog cellular were easy to come by even after the ban and there were a number of "private" cell phone conversations made public in the media even after the ban. Some scanners required a simple hardware mod, others could be ordered from overseas sellers that weren't subject to the ban.
It's the same thing with Wifi -- making intercepting unencrypted Wifi transmissions illega
Re: (Score:2)
You're confusing expectation of privacy (being secure in your papers) with encryption (hardening access.) They're not the same thing at all.
Consider unencrypted mail, telephone conversations, an unlocked door to your house, the banking papers in your desk.
Our expectation is that there are boundaries here that are not to be crossed, and it isn't because they're hard to cross, or they exist only when made harder; further, our "sense of security" isn't derived from the existence (or not) of technical means to
Re: (Score:2)
You're confusing expectation of privacy (being secure in your papers) with encryption (hardening access.) They're not the same thing at all.
No, I'm pointing out that using law to grant people an "expectation of privacy" doesn't give them anything. The government could pass a law saying that it's illegal to eavesdrop on conversations in restaurants, yet people would understand that they should not conduct private conversations withing earshot of other patrons because they realize that the law gives them no real protection.
However, when it comes to technology, people think that the law actually offers something, much like the law that made it il
Re: (Score:3)
The problem is that the law gave the illusion of privacy for cell phone calls rather than actual privacy - scanners that can listen to analog cellular were easy to come by even after the ban and there were a number of "private" cell phone conversations made public in the media even after the ban. Some scanners required a simple hardware mod
In fact, some popular scanners from Radio Shack and Bearcat had the cellphone band locked out by grounding one pin on a chip. The grounding was provided by a jumper wire on the circuit board -- and it was installed extra long, protruding about an eighth-inch above the board so it was easily found and snipped...
Re: (Score:2)
Unencrypted cellphone conversations are protected by other special legislation, so the exception the judge relied on doesn't come into play. Personally I think Kerr is way off base, he talks about the intent of the designers, but the law says nothing about "intended", it says "that is configured..." -- it's talking about the actual situation, not the intended one.
He cites Tapley v. Collins (ruling that unencrypted cordless phone conversations were protected), but that's only a district court case; IMO it w
Re: (Score:3)
Let's just review this little bit of law:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized
Re: (Score:2)
The clear constitutional specifics you claim apply only to government, not to your neighbors. They can look into any open window any time they want, and you have no expectations of privacy unless or until you close the blinds.
The constitution wasn't written to control people's behavior, it was written to control government's behavior.
Re: (Score:2)
Agreed, and this is the best argument (that this was a private company doing the invasion.)
However, it's pretty clear that the same rules that apply to the government land on us in this arena: You cannot tap someone else's phone; you cannot enter their home without their permission; you cannot open their mail; you cannot repeat any communication you inadvertently intercept, and so forth.
IMHO, to sa
Re: (Score:2)
Actually you can use some coms in any way you want, such as unencrypted coms of police and fire departments, and any meant for public consumption. It is explicitly stated that way in the law. An unencrypted wifi is meant for public use.
(g) It shall not be unlawful under this chapter or chapter 121 of this title for any person—
(i) to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public;
(ii) to intercept any radio communication which is transmitted—
(I) by any station for the use of the general public, or that relates to ships, aircraft, vehicles, or persons in distress;
(II) by any governmental, law enforcement, civil defense, private land mobile, or public safety communications system, including police and fire, readily accessible to the general public;
(III) by a station operating on an authorized frequency within the bands allocated to the amateur, citizens band, or general mobile radio services; or
(IV) by any marine or aeronautical communications system;
(iii) to engage in any conduct which—
(I) is prohibited by section 633 of the Communications Act of 1934; or
(II) is excepted from the application of section 705(a) of the Communications Act of 1934 by section 705(b) of that Act;
(iv) to intercept any wire or electronic communication the transmission of which is causing harmful interference to any lawfully operating station or consumer electronic equipment, to the extent necessary to identify the source of such interference; or
(v) for other users of the same frequency to intercept any radio communication made through a system that utilizes frequencies monitored by individuals engaged in the provision or the use of such system, if such communication is not scrambled or encrypted.
18 USC 2511 at (g) [gpo.gov]
Re: (Score:2)
The cops can look in your open window any time they want too, if they don't use any technological aids like binoculars (and sometimes if they do). That's the plain sight exception. You may have an expectation of privacy when standing in front of your open window, but it's not one the
Re: (Score:2)
Re: (Score:2)
And the end result was... those conversations were protected by law.
When you say "protected by law" do you mean they were found to be protected under the constitution or that protection was legislated? Because the latter case would undermine rather than support your argument.
Re: (Score:3)
Re: (Score:2)
Sure:
https://www.privacyrights.org/fs/fs9-wrtp.htm [privacyrights.org]
https://www.cdt.org/wiretap/wiretap_overview.html [cdt.org]
Re: (Score:2)
Also 18 USC 2511 [gpo.gov]
Re: (Score:2)
Re: (Score:2)
They even made it illegal to sell a radio that could receive in the bands where the cellphone transmissions are made.
Actually, they only made it illegal to sell scanners that could receive the transmissions. It's not illegal to listen, just illegal to sell devices that enable listening. Though in that case because of the law banning the devices there's a good argument to be made that you do have some expectation of privacy, which clearly does not apply in the case of Wifi, since there is no such device ban, nor anything remotely like it.
Also, I think the fact that it is possible (and easy) to enable Wifi encryption me
Re: (Score:3)
Neither of which directly make it illegal to intercept calls.
For that, there's 18 USC 2511, which might make it illegal to even listen to the conversation a person next to you is having. ("intentionally intercepts, endeavors to intercept,
Re: (Score:2)
There is a specific law that prohibited manufacturer of scanners capable of receiving wireless phones, and you aren't supposed to publish what you intercepted, but there is no laws again listening.
Wifi is a totally different matter. Beaconsare broadcast precisely so that these networks can be found and encryption is provided as an OPTION.
The implication is clear, that if you turn off encryption you don't care.
I wonder where this judge was hiding during the big Google street view fiasco.
Re: (Score:2)
18 USC 2511 [gpo.gov]
Re: (Score:2)
This isn't about analog v. digital. With an unencrypted cell phone transmission you are still paying for service and not just anyone is allowed on the network. Your phone has an ID that tells the carrier who you are so they can allow you to use the network and to bill you for service.
With an unencrypted wifi hotspot, it is open for anyone to use
Re: (Score:2)
>>>because listening to unencrypted cellphones is illegal.
Not in my state. You only need the consent of one person. That's me and my scanner; I've heard many cellphone, portable, and HAM communications. Besides: Just like TV and radio you are broadcasting "in the open" and therefore have no more expectation of privacy than if you stood on a soapbox and started reading a book aloud.
Re: (Score:2)
Not in my state. You only need the consent of one person. That's me and my scanner; I've heard many cellphone, portable, and HAM communications. Besides: Just like TV and radio you are broadcasting "in the open" and therefore have no more expectation of privacy than if you stood on a soapbox and started reading a book aloud.
If I am interpreting 18 U.S.C. 2511 - Interception and disclosure of wire, oral, or electronic communications prohibited [gpo.gov] correctly, your interception of these signals becomes illegal the moment you tell anyone about what you heard or take any action in any way based on what you heard.
Please notice that this is a U.S. code, so unless your state had seceeded from the the US lately, it is applicable.
Re: (Score:2)
That's not correct. You need the consent of one of the parties to the conversation. That's not you and your scanner.
Can't disagree (Score:5, Insightful)
scanners (Score:3)
If it's wiretapping than anyone in the last 20 years who owned a scanner should be fined for listening in on their neighbors telephone calls because their wireless household phones weren't encrypted.
Re: (Score:2)
General Public (Score:2)
It's not illegal to intercept communications "made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public."
Just who is included in the general public here? This is like saying that most everyone who has a Wi-Fi capable computer typically runs a packet analyzer.
Re: (Score:2)
Re: (Score:2)
No, it's like saying that most everyone who has a WiFi capable computer typically has a packet analyzer readily available. Which is entirely true.
Re: (Score:2)
I take "general public" as meaning non-hacker types. Unless they are being distinguished in a different way, such as citizens vs. government (which I doubt anyone means to imply, since that would then imply that the government has a back door into the technology).
Packet sniffing is not what I would deem accessible to the general public, since they don't understand it.
Comment removed (Score:5, Insightful)
Re: (Score:2)
>>> I don't see any difference between my neighbors having a heated conversation that I can hear inside my house and them sending unencrypted packets into my house.
Agreed.
Reminds me of the couple I lived next door to. The guy was constantly yelling at his girlfriend, which made her cry. Then he'd yell "But I love you!" Once they started arguing in the parking lot, so I went to my window to see what was going on. He pointed at my window and said, "What's your problem?" and then came charging up t
Re: (Score:3)
Wireless broadcasts without encryption, however, are akin to a neighbor who yells loud enough for everyone to know their family's business. I don't see any difference between my neighbors having a heated conversation that I can hear inside my house and them sending unencrypted packets into my house.
The difference is that each packet is keyed to the recipients address and to listen in you need a device explicitly made to intercept packets going to others. If you have tenants and offer them internet service and set up a dump of their traffic, are you doing a wiretap? Hell yes. If you are on a cable loop and modify the cable modem to dump all packets for everyone on the loop, are you doing a wiretap? Hell yes. Note that in an earlier case they found the exception didn't apply to cordless phones - the int
Re: (Score:2)
Interesting analogy of a 'yelling' neighbor. Unfortunately it's not helping your point.
-You can't stop but to hear a yelling neighbor.
-Is your personal network interrupted by theirs?
-Do they have a reasonable expectation of privacy?
Sending an "unencrypted" love letter to a girlfriend by postal mail offers me adequate expectation of privacy... and anyone can just simply intercept that letter many ways.
You are trying to make a point that because you CAN do something from the comfort of your own home/c
Re: (Score:2)
The problem with your analogy is that they are transmitting beacons frames without the privacy bit [microsoft.com] set. This frame basically says: "Hi I am a WiFi network, here is my name and all the other info you need to connect to me if you want to!" If you set the privacy bit it basically says: "Hi I am a WiFi network, here is my name and all the other info
Re: (Score:2)
your intent doesn't matter (Score:3, Insightful)
It isn't the function of government to protect your "intent" against your own stupidity.
If you want to keep your communications private, encrypt them.
Re:your intent doesn't matter (Score:5, Insightful)
Bingo! Furthermore, the last few wireless routers I've setup automatically prompted to turn on some form of encryption during that process. If you choose not to use this feature, it should be viewed as a deliberate (not ignorant) choice in the nature of your setup.
Re: (Score:2)
I recently came across a router that was WPA2 encrypted out of the box with the credentials (a reasonably long numeric string) written on the back. I'm sure each copy of the same router has it's own uniquely generated password.
That just seems so simple and obvious that I have to wonder why it hasn't always been this way.
stupid question but who is orin kerr? :) (Score:3)
and why does his/her opinion matter so much in the case? (it maybe does, just seeing the name in the summary made me ask the question)
More on point... if you are going to broadcast open packets for everyone to peruse freely... even outside your house, it is like doing something illegal in public and complaining about being caught for it and any witness is illegally watching over your privacy. If it was a secured network, then yes, it would be illegal snooping
Re:stupid question but who is orin kerr? :) (Score:4, Informative)
Orin Kerr a law professor who has been published a fair number of time on Fourth Amendment computer-related issues. I think he's even had one or two blog posts from the Volokh Conspiracy cited in judicial opinions.
One of the notable ways he got that blog post wrong, though, is that the statute in question provides a specific definition of "an electronic communication system that is configured so that such electronic communication is readily accessible to the general public" -- and unencrypted WiFi networks are covered by that definition. One of the comments on the post provides a citation and the definition.
Normally (Score:4, Insightful)
Intent doesn't matter (Score:5, Insightful)
There are many open wifi access points set up with the intent of giving internet access to anyone who happens to be there. How am I supposed to know that the owner of an open network wants to share it or not?
One's guilt shouldn't depend another's intent (Score:2)
One's guilt depends not on whether a rule was followed or broken, but on what another person was thinking?
Kerr is asking too much.
Re: (Score:2)
... what about laws about rape? Don't those pretty explicitly deal with what the "other" party was thinking?
I don't think so, otherwise rapists might try to claim that while the victim said "no", the victim instead was thinking "yes".
And suppose someone says "yes" but regrets the encounter? Should someone go to jail because another didn't make their thoughts known?
He's Wrong (Score:2)
The intent doesn't matter, if it did it would have been written into the law. Besides, someone scanning wifi channels cannot know with certainty what the intent of someone who hasn't encrypted a particular network is.
k, then (Score:2)
Using it to snoop on the owners or other users is wrong. Using it to get to the internet, not so much.
If sniffing wifi networks isn't wiretapping, (Score:2)
sniffing a police station's or an FBI office's wifi isn't wiretapping, either, right?
Re: (Score:2)
Kerr is wrong (Score:3)
Orin Kerr is wrong. Intent matters, but only up to the point where it's reasonable. If you decide to discuss a sensitive private matter with your SO by yelling at each other at the top of your lungs in a crowded lobby, you can't possibly reasonably expect that conversation not to be overheard by everyone in the lobby. The same with unsecured WiFi: you're broadcasting your traffic in the clear to anyone who has a receiver and you know this. It's up to you, if you intend a communication to be private, to take at least some reasonable steps to make it private. Choosing a method that's so blatantly exposing the communication to the public is decidedly not such a reasonable step. If you don't like it, sorry but the rest of us didn't agree to plug our ears just because you find it inconvenient to go somewhere private to have a private conversation.
Re: (Score:2)
Not reasonable (Score:2)
This judge is in contempt of common sense.
Just because I leave my car unlocked with the key in the ignition doesn't give you the right to drive away in the car, nor does the fact I forgot to lock my front door give you the right to search my house.
Re: (Score:3)
How about a common converse issue person A has a smartphone setup to connect to his linksys wireless network he walks down the street and the phone connects to his neighbors linksys network. Was he wiretapping or ortherwise hacking there network? Common sense tells me no they did nothing to keep there signal contained within there property or to keep people out of there network. As a network eng I know that basic troubleshooting involved sniffing traffic. From the case they were not spoofing the gateway
Re: (Score:2)
As the article implied it's a matter of intent. You and your smart phone aren't going around with the intent of collecting information in furtherance of some purpose you will gain something from. You have a technological device that makes a connection boom done.
The patent troll in this case is doing this with the intent of collecting information in order to further a court case.
BIG DIFFERENCE.
"public" (Score:2)
i recommend that we come up with some way of making un-encrypted wi-fi networks a thing of the past.
one simple solution would be to have wi-fi clients automatically attempt to use the default password "open" for encrypted networks if none is supplied.
wi-fi access points should strongly indicate to users that using the password "open" is better for security than no password.
o : private network. password: __________
o : create open network (password is "open")
o : create insecure network
a radio broadcast (Score:4, Insightful)
doesn't matter who is listening, in an age where encryption is standard, if you don't use encryption, or if you don't limit your transmission radius, then you have not indicated that you which your wi-fi to be private. A transmission via radio is open to 'listening' under laws in many countries, it is what you do with the material that is usually restricted.
Re: (Score:2)
Movies and software generally have copyright notices which state that they are protected. So if you could figure out how to watch somebody else's movie being streamed over the internet, you would probably be free to do it, but you could not legally make a copy of it.