Wireless Hijacker Dealt First UK Punishment 663
paella_dodger writes "The BBC is reporting on a recent UK court case whereby a man was fined £500, sentenced to 12 months' conditional discharge and had his laptop confiscated for browsing the 'net on his neighbour's wireless Internet conenction. Perhaps I should secure my neighbour's wireless connection for him before Windows automagically connects to it and gets me arrested!"
Re:In Perspective... (Score:4, Informative)
Justice (Score:5, Informative)
Fortunately, most courts still discriminate between intentionally and accidentally doing something. If you're connecting to someone else's wireless network from your car (which, I assume, means that you don't have any wireless network facilities of your own around), it's pretty hard to maintain that you did it by accident.
On the other hand, if my mom is found to use the neighbor's network to access the Internet, it will be pretty hard to maintain that she was doing so on purpose. All she knows is that computers can be used as glorified typewriters. GUIs are not for her, much less wireless network configurations.
Accident? (Score:5, Informative)
Basically the bloke was engaged in Wardriving, and deliberately hooked into the wireless network.
It'll certainly be murky waters when windows automatically selects the average joe's router instead of their own, but with many routers at least asking people to put better security on wireless points, this should start becoming less frequent.
From all accounts, he was caught tapping away on his laptop, moved away when police watched, then came right back to the same point again. At which point he was investigated as he looked a little 'suspicious'.
Wardrivers remember! Just because you're invisible in the network, it doesn't make you invisible to the local copper walking on the street, or the local neighbourhood watch!
How many people secure their networks anyway? (Score:3, Informative)
While I'm at home, I can see just one wireless network.. mine. But step outside and I can see eight other ones, only one of which is secured. About half are set to the default network name (so I guess default IP addresses and passwords), all of them except mine use the same channel. And some of them stupidly have the owner's names for the network (stupid.. because a burglar could use that to find out who had kit worth nicking).
So are these people being stupid or what? Errr well.. no, they're just being normal people who expect the kit to work out of the box. But really, who many non-geeks understand WEP, SSIDs, MAC addresses and all the other jargon?
The probably is made worse by "leakage". If you are inside then you'll rarely pick up someone else's wireless connection.. but these things leak out all over the place when you go outside. The perception of the typical user then is that if they can't see someone else's network from inside, then nobody else can see theirs. Alas, this isn't the case.
I think the bottom line is that WiFi is incredibly dangerous if you don't know what you are doing. Most products do work straight out of the box, but crucially they are not secure out of the box. Even Microsoft eventually learned that lesson with its operating systems - early versions of XP didn't even have the firewall enabled and were wide open to attack.
In this particular case the issue of intent is important. Given the proliferation of insecure networks, it must be trivially easy to accidentally connect to some else's wireless point. How you can prove intent is more difficult though.
Re:Accident? (Score:4, Informative)
Patient records. If you're a nice guy, you won't go looking around. Not everyone is that nice. Ever thought what happens when you delete someone's allergy records when they head to surgery?
We have wireless points here, and regularly go sniffing for open access points run by departments. When we find them, we chastise the owners, and then secure the points.
Or, perhaps, you're happy sharing your medical history with the world. If so, that's fine. Not everybody is.
Incidentally, I'm very suspicious of your claim to read
Re:Unsecure network ? (Score:3, Informative)
Re:Intentional doesn't mean criminal (Score:4, Informative)
Except there's no convention for matching an SSID to a usage condition. So 'FreeOnMondayNights' might mean the guy wants a date on mondays or his computer is free on mondays or his wifi is free.....
You can't know from the SSID what the conditions of usage for that network are.
Take another example, you try to connect to "MiksNetwork" and it connects, but you are not sure if Mik really wanted it that way. How the fuck are you supposed to know who Mik is, how you get permission from him, or who has authority to give you permission. His network says it OK, yet you're supposed to assume it still isn't?
Re:Did you read this bit.... (Score:3, Informative)
IT WILL NOT! (Score:2, Informative)
Re:IT WILL NOT! (Score:3, Informative)