UK Man Convicted For Wi-Fi Piggybacking

CatrionaMcM tips us to a BBC story reporting that Gregory Straszkiewicz, a UK resident, was fined £500 and sentenced to a conditional discharge for 12 months after being caught using a laptop from a car parked outside somebody else's house. '[H]e was prosecuted under the Communications Act and found guilty of dishonestly obtaining an electronic communications service.' A separate BBC story notes that two other people in England were arrested and cautioned for sharing Wi-Fi uninvited.

Open AP?

[jshriverWVU]

How does one figure out if the AP is for public use or just someone who forgot to set it up properly?

Re:Open AP?

[dotgain]

Uhh, the utter lack of advertisement that it's for public use?

Re:Open AP?

[Noah Adler]

Such as an SSID advertisement?

Re:

[cortana]

Your car's number plate does not imply that the car is for public use. Broadcasting a signal that declares that a wireless network with a given SSID is available does somewhat.

Re:Open AP?

[jotok]

This whole line of reasoning has always struck me as a rather disingenuous argument, because proponents of the "Well, the SSID was broadcast and there was no key required, so obviously it's free for anyone to use" theory never offer any criteria for exactly how much the owner of a wireless access point needs to do before random clients can "assume" it's not intended for public use.

There are lots of analogies being thrown around already, I'm sure, so let's just dispense with those for the time being and get down to brass tacks.

My neighbor's access point is a crappy linksys wrouter that he got several years ago. He uses WEP but I can crack that quicker than he can type in the key. Does the fact that he is using a known-to-be-weak encryption scheme mean that I have the right to be on? My other neighbor does not advertise his SSID, but I can get on his AP just the same simply by grabbing enough packets out of the air. Does that mean that I have the right to use the service he's paying for?

Simple deduction tells me that I should not assume that, simply because I can access a resource, the owner does not mind if I access the resource. You cannot validly assume that the average home user of 802.11 technology knows enough to secure it.

Frankly, at this point, I do not care whether or not people want to lay blame for this at the feet of the vendors or of the end users. The simple fact is that unless you have an explicit reason to believe that you are meant to access someone's wireless, you should not; and to access it anyway is unethical.

Re:Open AP?

[ehrichweiss]

My neighbor's access point is a crappy linksys wrouter that he got several years ago. He uses WEP but I can crack that quicker than he can type in the key. Does the fact that he is using a known-to-be-weak encryption scheme mean that I have the right to be on? My other neighbor does not advertise his SSID, but I can get on his AP just the same simply by grabbing enough packets out of the air. Does that mean that I have the right to use the service he's paying for?

No, as a matter of fact, encryption is THE way to tell if you're allowed to view satellite communications, at least here in the States. If a provider does not encrypt their signal, they have no(as in none, zero, zip, nada, nothing..) legal grounds to say that we can't watch their programming; however the moment they encrypt it, one can become liable for signal "theft" if they decrypt it without permission. The same needs to be applied to the Wifi arena. Laziness on the part of the "system administrator" should under no circumstances be grounds for the little twit to bring you up on criminal or civil charges.

Re:Open AP?

[jotok]

Oh, sure. I agree with you 100%. But this only means at most that you're free to observe someone's traffic. I do not see anywhere in your argument provisions for communicating back to the AP, negotiating a connection, leasing an IP, and coming to Slashdot.

As has been noted elsewhere, you are assuming "laziness" or incompetence on the part of the "sysadmin" where mere ignorance performs as well. Which explanation do you suppose Occam would select?

Re:Open AP?

[FrankieBaby1986]

As I have said on slashdot before: COMPUTERS ARE NOT APPLIANCES!

Just because I can get in a a car and drive it doesn't mean I should.
If you do not possess the knowledge to properly set up a wireless network, then by no means should you be doing it.
The law should be simple: if you set it up, w/ SSID broadcast turned off, encryption enabled, or both, then you should be allowed to sue for unauthorized access. If neither, then it should be assumed it is a public service

The lack of technical knowledge of the 'victim' DOES NOT MATTER. They failed to follow the directions that came with the router. They failed to learn about the tech they were about to use. They get burnt.

If I install a dishwasher myself, but fail to read the directions, and it floods my house, Is it the water's fault, or mine?

Re:

[JackHoffman]

w/ SSID broadcast turned off, then you should be allowed to sue for unauthorized access

No, you should not. Turning SSID broadcast off will not keep others from accidentally connecting to your AP if their own wireless network uses the same SSID. At the very least you would have to set a non-trivial (i.e. random) SSID and turn of SSID broadcasting to have a case against unauthorized access. I really don't understand why people are so adamantly avoiding encryption. The same people who go to court to defend the

Re:Open AP?

[jotok]

Please, can we stay away from the analogies? I don't think they're especially productive.

You argued that if I don't know how to control the behavior of the technology I bought, then I'm still at fault for the results. So if someone's client connects to my AP because they don't know how to modify its default behavior, why are they not at fault? I submit that this is a double standard.

Re:

[MidnightBrewer]

The lack of technical knowledge of the victim does not excuse the morality of the person taking advantage of them. By that same argument, you could also claim that ignorance of the law doesn't excuse breaking it (which, conveniently enough for the government and tax collectors, is usually the case.) If you'd like a different analogy, just because my water hose is left outside does not make me at fault for somebody stealing my water. Just because a woman wears sexy clothing doesn't mean she's asking for it.

Re:no it should not

[tinkerghost]

An inanimate piece of equipment cannot grant your legal authority to someone

Per your interpretation, you have just engaged in criminal computer tresspass by using the slashdot web site. You requested permission to use the system (through your browser), that permission was granted by the system (through the web server). Since a piece of equipment cannot grant legal authority to someone, you had no authority to use the system.

There is no technical difference between the protocol exchange in the HTTP & the 801 series, both are automated request/response protocols which grant authorization.

Re:

[JackHoffman]

The way this is relevant is that it's a pretty wild frequency band. There are not only wireless LANs but also Bluetooth, microwave ovens, wireless TV transmitters and lots of other things in that band. If you respond to anything in that band, you better know what you're doing. The access point has as much to do to establish a connection as the client computer. Let's not forget that the standard has no other way of declaring an access point open but to leave encryption off, and there's a good reason for that

Re:Open AP?

[rifter]

This whole line of reasoning has always struck me as a rather disingenuous argument, because proponents of the "Well, the SSID was broadcast and there was no key required, so obviously it's free for anyone to use" theory never offer any criteria for exactly how much the owner of a wireless access point needs to do before random clients can "assume" it's not intended for public use.

I see your point and I do understand where you are coming from on this, but the problem is a bit sticky.

For instance, where I live, and probably where most people live these days, pretty much every business around from the local hamburger joint to the local bar, etc advertises free wifi. Many if not most of them simply set up an AP with a broadcast SSID and have done. The people who work there may not even know what the SSID is, but they expect you to just search and find it, which you can. In several places there is overlap between these APs from businesses and similarly configured APs from regular folk. Sometimes the SSID is obvious, like $RESTAURANT, but sometimes it's just the default Linksys SSID or whatever. There are services that help these folks set up their networks and require some kind of authentication over ssl to actually get out to the net, etc, or will just set up the system for you in some other way, but those cost money, and, like I said, many small businesses find it simpler to just fire up an AP out of the box and hook it up.

I have also noted that since encryption adds significant overhead to wifi connections, making them in many cases many times slower than without, people will open the network for that reason alone. The 11mbps connections were especially nasty that way.

Then you have your neighbour problem. Sure it's not anything like the situation with getting connected to an open wifi connection run by a business, but even so there are people who deliberately set their wifi networks as open networks that broadcast their SSID specifically because they want people to be able to use them. There are even clubs that work together to convince people to set their networks up this way, and set their own up this way, specifically so people can use them.

Given all that and the permissive nature of these networks, a culture is brewing such that people do not see connecting to open networks as wrong, and often do not care that people connect to theirs. In my experience, this is actually more the rule than the exception, even with non-technical users.

Now we come to your point. For instance the person who just got wifi and has no idea other people can connect to it, etc, who barely struggled through the instructions and has no idea how to monitor the connection. This is the guy I am sure your worry most about. It's not their fault they did not secure their network, per se, and it is not fair in any case for people to just use their stuff because the "door is open" and the "keys are in it" or whatever analogy you like today. But at the same time it's hard to draw the line between legitemately using an open network and using one that was not supposed to be open. Sometimes, in fact, it's the proverbial "clueless user" who ends up on the wrong network thinking he is on his own. It's even weirder when they are both called "Linksys." How is he supposed to know? I actually got onto my girlfriend once for getting on someone else's network, but she not only did not know she'd done that, but did not know at the time how she could have told what network she was on. (She is more expert now).

Usually people that are connecting to other's networks are not doing anything more nefarious than using someone else's bandwidth. I do know some people who deliberately set up open networks had to close them because some one did try to hack the other boxes on their home network. In any case, it is probaly is a good idea not to connect to networks not your own unless you know it is open on purpose. In the case of the neighbour you can generally ask, and I

Re:

[jotok]

Don't you think it's strange that people denigrate clueluess users who don't know how to restrict access to their wrouter...and yet feel they have a valid defense if they can't control what their laptop connects to?

Re:Open AP?

[JackHoffman]

If you wear a sticker that says "Hi, my name is John", then you can't complain if I talk to you and ask you to give me a ride. If you then answer "yes, get in the car", you can't complain if I do get in the car and tell you that I would like to go to the next McDonald's. If you then drive me there, you can't complain that I hitched a ride from you and didn't pay you. An open router is a very friendly piece of hardware. It tells people that it's there, it hands out IP addresses and it routes strangers' packets and all you have to do is ask for the favor.

Re:

[jotok]

This is not a great analogy.

A more appropriate one might be--I am a wealthy man and like most wealthy men I have a driver. But all of our drivers are rather dim and they will accept orders from anybody.

So, I hire this guy, and because I'm wealthy and self-important I don't bother to instruct him that he's only supposed to drive me around, because I assume "I'm the one paying him, why should he take orders from anyone else?"

Then he goes missing for a week because you asked him to drive you to Alaska--knowin

Re:

[Znork]

"It's all about what a reasonable man might consider an invitation."

How would you invite someone to share your wifi? Personally I'd broadcast an SSID and turn off encryption...

The prevalence of free wireless networks these days suggest that there's a whole lot of people who have no problem at all with sharing their wifi. Personally I'd have absolutely no problem with someone using my wifi. Are they, and am I, unreasonable? Is friendly neighbourly behaviour, letting someone deprived use something that costs

Re:

[slart42]

Uhh, the utter lack of advertisement that it's for public use?

My WAP is open. It is intentionally so. My neighbours or anyone just generally passing by are free to share it. And people frequently do, according to my router's logs. It's not that I'm constantly needing those 6 MBit myself, so why would I mind anyone else using them. I see the fact that the network is unprotected as invitation enough for anyone to join in. I don't see myself posting ad banners around the street saying "Please share my WiFi" (a

Re:Open AP?

[DerekLyons]

My WAP is open. It is intentionally so. My neighbours or anyone just generally passing by are free to share it. And people frequently do, according to my router's logs. It's not that I'm constantly needing those 6 MBit myself, so why would I mind anyone else using them. I see the fact that the network is unprotected as invitation enough for anyone to join in.

You may see it as so. But the law disagrees. In fact the law (in this instance) is consistent with locks on doors, etc... Absence of a lock is not indicative of permission to enter. This makes sense because, lacking signs, there is no way to tell the difference between a WAP you are encouraged to enter, and one where the owner forgot to lock his door.

Re:

[ehrichweiss]

The locks on doors analogy is worn out and misapplied, let me give you a better one. In the States it's perfectly and 100% LEGAL to view any radio/satellite broadcasts as long as they are not encrypted. Period. You can say to your heart's delight that you don't want me to watch your broadcast but if you lack encryption you have no ground to stand on because that's what the law says. That's your locked door right there.

This the kind of thing that crashes the legal mind

[Archtech]

"My WAP is open. It is intentionally so. My neighbours or anyone just generally passing by are free to share it. And people frequently do, according to my router's logs. It's not that I'm constantly needing those 6 MBit myself, so why would I mind anyone else using them".

Wow, what subversive pinko commie ideology is that? Sharing things free of charge with your neighbours, or - still worse - with total strangers? That's the kind of behaviour that troublemaker Jesus Christ was executed for advocating! No wonder the law comes down hard on it. Next thing you'll be suggesting we should start sharing source code with complete strangers, for Pete's sake.

Re:

[mahmud]

He provides the prosecution with numerous logs showing that he is not the only user of his WAP? Or are we talking about legal system where one does not need to prove suspect to be guilty beyond reasonable doubt in order to convict him?

Re:

[Dragonslicer]

Or are we talking about legal system where one does not need to prove suspect to be guilty beyond reasonable doubt in order to convict him?

If it's a civil case about copyright infringement, then yes we are.

Re:

[ScrewMaster]

On the other hand ... why go to the trouble of having to prove yourself innocent (not an easy or painless process nowadays) when simply securing your WAP can largely eliminate the risk? Look, I understand the Good Samaritanism involved, and frankly I might be inclined to do something similar (although with some rate-limiting, no point in being too generous) if it weren't for the legal climate in this country (the U.S., in my case.) The courts are not to be trusted, they make too many mistakes when it comes

Re:Open AP?

[servognome]

Uhh, the utter lack of advertisement that it's for public use?

Linksys = Latin for "Welcome", right?

Re:

[Feanturi]

But this was a guy in a car parked outside the house. It's not like he was a neighbor that couldn't tell the difference between routers and didn't know any better. He had no other business to be parked there, other than to use wifi that he didn't ask permission to use. It's like he just walked into their yard to use their garden hose to wash his car, as it was there just spread 'invitingly' across the front yard from the morning's watering.

He wasn't waiting for a bus and idly checking to see if he could go

Re:

[dwandy]

But this was a guy in a car parked outside the house.

so? are you suggesting that the AP in my home is by definition private? I don't think so. Mine's open. Feel free to stop by and use it.

He had no other business to be parked there

Streets are (still!?) public property. He has the same right to be on that road as the home owner.

It's like he just walked into their yard to use their garden hose to wash his car,

He did not trespass so it's nothing like that.

He wasn't waiting for a bus and idly checking to see

Re:

[jotok]

Hold on.
Your argument is:

"My computer's default setup connects - it's not my fault"
and
"Their wrouter's default setup allows me to connect - it's their fault"

Did I miss something?
Otherwise: bzzt!

Re:

[profplump]

I think you could construe the mere presence of packets with an SSID is the invitation. If you don't want to make your access point public you could just not broadcast the SSID; there's no technical requirement to do so, and you don't need to do any sort of encryption to stop the broadcast of the SSID. I'm not sure I would construe things that way, but it doesn't seem totally unreasonable.

Moreover you're drawing an arbitrary distinction between the DHCP on-wire protocol and English. What if the invitation w

Re:

[nevali]

You miss the point: the technical protocol-level details are completely irrelevant. If there's no specific advertisment (be it on a signpost, or a SSID name indicating that's it's public, or something else), then there's no invitation.

Just because the default configuration of routers broadcasts the SSID doesn't make it a free-for-all. Similarly, just because a Bluetooth phone is set to 'visible' doesn't mean 'connect to me and do what the hell you like': at a protocol level it means 'you can connect to me',

Re:

[Tyler Eaves]

Pretty simple really...

Unless you are told/informed/read other wise, a network is NOT public. It's no different than seeing an unlocked door. You wouldn't just walk in and look around would you?

Re:Open AP?

[LiquidCoooled]

It's no different than seeing an unlocked door. You wouldn't just walk in and look around would you?

That depends, is it a shop?

Re:

[dwandy]

That depends, is it a shop?

And that is the problem with open APs and people who say that they are like doors.

Any analogy that includes the real world fails to take in account the fact that in the real world we have hundreds of years of property law and social norms that makes it "obvious" to us what trespassing is and what break'n enter is.

This same obviousness doesn't (yet?) exist in the virtual world; and (hopefully!) never will.

Some of these same questions can be asked about accessing a server on the

Re:Open AP?

[drinkypoo]

Unless you are told/informed/read other wise, a network is NOT public. It's no different than seeing an unlocked door. You wouldn't just walk in and look around would you?

I love this example, because there is a legal difference in many jurisdictions between locked and unlocked doors.

If you defeat a lock and enter a building, that is breaking and entering. But if the door is unlocked the most you can be convicted of (providing you haven't damaged or stolen anything) is trespassing.

The law should really make the same distinction about networks.

Re:

[QuantumG]

So? They're both crimes.

Re:Open AP?

[hobbesmaster]

You can only charge someone for trespassing after you tell them to leave... Same should of course apply for wifi.

Not neccassirly true

[KKlaus]

It (generally) depends on your state's definition of what constitutes a "secured premises." If you enter unallowed a place that meets the definition, you've already committed trespassing, and no one needs to have seen you or said boo. Generally speaking, an area will be considered "secured" if it has a fence, or a lock, or signs saying no trespass. Basically, if it looks like you obviously aren't supposed to be there.

Having said all that, I think you are probably incorrect on your assessment here. I sus

Re:

[stefanlasiewski]

In the US, a person often cannot be convicted for trespassing unless the land has been marked as private property, such as with a fence, wall, locked door, a "No trespassing" sign, obvious markers, etc. I am not very familiar with UK laws, but I read that the law is similar [wikipedia.org] in the UK.

If I am hiking on public land for example, and I'm next to some private land, the private land should be marked as private. Otherwise, how will can I tell where the border is?

The owner of a wireless access point can easily setu

Re:

[false_cause]

Do you think he would have gotten a 500 pound fine and 12 months probation if he had hacked into a secure network? I think the court probably used it's judgment in assessing the sentence and indeed recognized that the crime was more "trespassing" and less "breaking and entering."

Re:Open AP?

[drinkypoo]

Do you think he would have gotten a 500 pound fine and 12 months probation if he had hacked into a secure network?

What I think is that 500 pounds and 12 months' probation is fucking ridiculous when you're not even causing any harm.

If he WAS causing actual harm, then I would limit his financial obligation to paying the victim for actual damages.

The fact that he was fined 500 pounds proves that this is about grabbing money from people, not keeping people from using open APs (which is impossible anyway.)

Re:

[Belial6]

It's more like walking across someones lawn. I don't know how it works in the UK, but unless you have specifically posted a no trespassing sign or specifically asked them to leave your property, you cannot have someone arrested for trespassing on your front lawn here in the US. It has an implied invitation. Now, if the guy had actually accessed a computer on there internal network, maybe...just maybe, it could be likened to entering an unlocked house.

Re:Open AP?

[JackHoffman]

It's no different than seeing an unlocked door.

Yes, it is very much different from seeing an unlocked door. That's why intelligent people don't resort to analogies to discuss simple concepts like communication over radiowaves. The established standard has means of negotiation that allow people to use a shared resource without prior agreements. Using the standard is vital to many interesting and legitimate uses of the shared resource. You're advocating a restriction on useful applications to give technological nitwits the illusion of safety, while in reality their baseless assumption of being protected only causes them to be more vulnerable because they see no need to secure their networks. There is not even one good reason for punishing the use of open access points by anyone.

Backwards....

[tinkerghost]

Unless you are told/informed/read other wise, a network is NOT public.

Technically, the structure of the internet is built on a 'Default allow' schema. Essentially, if you don't say 'no' then I can. I don't have to get permission to use your web server, your anonymous FTP server, or route over your backbone. If you choose to, you can of course block all of those, but you have to choose to disallow me access.

Add to that the facts that public 'hot spots' are more & more common & XP will sometimes jump from one network to another without asking and you have a recipee for legal chaos when incompetents leave their AP's open.

It's no different than seeing an unlocked door. You wouldn't just walk in and look around would you?

Do it all the time - I don't actually remember the last time a business had someone out front asking me to come in.

Quick Change

[HTH NE1]

It's no different than seeing an unlocked door. You wouldn't just walk in and look around would you?

Do it all the time - I don't actually remember the last time a business had someone out front asking me to come in.

You haven't been walking through the right districts.

"Nude women! Nude women! Clowns welcome! Clowns welcome! Nude women! Clowns welcome!"

Re:

[JackHoffman]

There is a reasonable threshold for "saying no". If your AP/website is indistinguishable from an access point/website that is meant to be public, then you're not saying no in a reasonable way. That is the only way the internet and public hotspots can work. If your AP uses WEP-40bit encryption, you're not doing what's necessary to protect your data, but you are clearly saying no to users who did not get the key from you. Likewise, even simple HTTP authentication is sufficient for making a resource private.

Re:

[FLEB]

I don't recall if it was a local story or something from an aggregator like /., but I recall hearing a while back that people were up-in-arms because someone was using the public library's Wifi through the walls after the library was closed.

It ended up rather sanely, no charges IIRC, and the library just turned off their equipment at night. For that matter, though, who really cares if they didn't.

Re:

[Darktan]

Easy. Simply check: Am I in Britain? Yes? Then the AP is not for public use, or possible intended for use at all.

Re:

[LotsOfPhil]

The article says:

People with criminal intentions have, in the past, attempted to use the openness of their own wireless networks to cover their tracks online.
"There have been incidences where paedophiles deliberately leave their wireless networks open so that, if caught, they can say that is wasn't them that used the network for illegal purposes," said NetSurity's Mr Cracknell.
Such a defence would hold little water as the person installing the network, be they a home user or a business, has ultimate re

Re:

[purpledinoz]

How are you supposed to setup a secure wireless network? WEP can be cracked in minutes, and MAC address filtering can be worked around by MAC address spoofing. So, how can anyone expect the average user to take responsibility for hackers hacking into their wireless networks? It sounds like people in the UK will have to resort back to wired networks.

Re:

[MoHaG]

At least setting up WEP will prove that you did not intend anyone else to use your network....

Re:

[iangoldby]

Well, I heard the interview this evening on the PM programme, and the police representative said that basically if your wireless network is wide open and as a consequence is used by someone else for criminal purposes, then you will suffer a great deal of inconvenience at the very least.

Your equipment will be confiscated for forensic analysis and it will be a while before you get it back. The analysis will probably show that it wasn't you - but do you really want to take that risk, and do you want to be with

Witchcraft

[kt0157]

Oh that's a watertight legal opinion. So if I left my keys in the car and someone stole it, I'm responsible for the people they kill? And if I watch someone's TV through their window, that's theft? Or I read my newspaper by the light coming out of their window?

You should all note that the law these people have been accused of breaking is one designed to stop people stealing cable TV using hacked decoders. It was not designed for "theft" of Internet access. There is a defence to the accusation that the servi

Re:

[u19925]

In most cases, you would know by common sense whether the network is public or the owner is security challenged. Almost all public wi-fi services will require you to register before using the service. You can't use neighbor's water hose to water your garden or use their outdoor plug point to light your porch. I can guarantee, the person knew that he was stealing the network connection. If once in a blue moon, you need to access internet in emergency and use such an open connection, it may be pardoned. But i

Re:

[jshriverWVU]

Agree in that context it would be like stealing water or electric. Though my concern is how do you really determine in most cases? I've known people who leave their AP open so people can go online check email, etc. In the town I live there are several legal to use open AP that require no form of authentication. Coffee shops, etc.. there's also libraries, McDonalds, and people who willingly leave their AP's open. So the area is kinda grey. In this case, I do agree sitting outside someone's house is pretty

Someone left their keys in the car

[EmbeddedJanitor]

How should I have known it was not for public use?

I think that the courts are likely to take reasonable public access into account. If you just stumble across an AP that does not make it public any more than if you happen to find an unlocked door on a house.

Re:Open AP? Name it Free or Open

[drewzhrodague]

How does one figure out if the AP is for public use or just someone who forgot to set it up properly?

YOu can use the word 'Free' or 'Open' in your SSID -- or use a URL like I do. My SSIDs are all 'pghwireless.net [pghwireless.net]'. Although it is tough to get to a URL when aren't sure you have permission.

If you're an AP owner -- make it obvious for the random stumbler. Use the built in encryption to keep people out, or use the words 'Open', 'Free', or something to try to make it obvious.

Good, I hope this continues and moves to the US

[stratjakt]

Just because you can do it, doesn't mean you have the right to.

Re:

[Sancho]

Yup. Now I'm going to go after my neighbors. Their plants steal the CO2 I emit.

Re:

[TeknoHog]

CO2 is natural. Internet is not.

Everything is natural. Humans build interwebs like spiders weave their webs.

On the other hand, if you define Internet as not natural, it is therefore supernatural and I can choose not to believe in NO CARRIER

Re:

[slashdotmsiriv]

"Just because you can do it, doesn't mean you have the right to" You my friend are a troll ...

Re:Good, I hope this continues and moves to the US

[jackharrer]

Say it to all kids in UK who vandalize everything around without even a slap in hand.
But for piggybacking wi-fi they charge you £500. Cool. They should also put him in jail, just to show how dangerous for society his actions were.

UK has a lousiest law system in the world, IMHO. I know it well - I live here.

Re:

[holden caufield]

(ahem)

For USAians, I quote the tenth amendment to the Constitution. aka "the tail end of the Bill of Rights":

"The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people."

In other words, if you can do it, and no government says you can't...then you *do* have the right to.

Crime to use open wifi?

[MoHaG]

So accepting people's invitation to use their Wifi (by not securing it) is a crime...

It is the same as accusing someone of copyright infringement if they listen to their neighbor's CDs because their sound system is too loud...

PS: I still need to RTFA

Re:Crime to use open wifi?

[purpledinoz]

Next time you hear your neighbour's music, the moral thing to do is cover your ears so you can't hear music for free.

Let's extend this to wifi...

[Lockejaw]

If Alice's wifi extends into Bob's house, what happens when Bob doesn't notice that his computer automatically joined Alice's network during startup (before it detected Bob's network)?

Re:

[dotgain]

So accepting people's invitation to use their Wifi (by not securing it) is a crime...

Judge: Oh, I'm sorry, I didn't realise you'd been invited to use that access point. Let's see your invite. Oh, wait - you mean since you weren't explicitly forbidden from using the access point, that's an implicit invitation.

It is the same as accusing someone of copyright infringement if they listen to their neighbor's CDs because their sound system is too loud...

Your analogy is missing a car or two. IOW, it's not a pa

Re:

[drinkypoo]

Judge: Oh, I'm sorry, I didn't realise you'd been invited to use that access point. Let's see your invite. Oh, wait - you mean since you weren't explicitly forbidden from using the access point, that's an implicit invitation. [...] Your analogy is missing a car or two. IOW, it's not a particularly apt analogy.

It does raise a point, however. If someone is running an announced, open AP, then their AP is actively broadcasting invitations to join the network.

THAT is an explicit invitation. It's used to announ

Re:

[pytheron]

Just as accepting invitations to drive off with my car because I left it unlocked on my drive is a crime.. Just as when someone leaves chips on a card table and doesn't ask someone to keep an eye on them.. well that's an 'invitation' also..

  There is no 'invitation'. When you use someone elses bandwidth, you deprive them of a commodity that they have paid money for. So yes, it ought to be a crime.

Re:Crime to use open wifi?

[drewzhrodague]

There is no 'invitation'.

Actually, there is. Your access-point broadcasts it's SSID, and an invitation for clients to connect -- about 10 times per second (IIRC). This is part of the specification. Most modern APs will allow you to change some of these parameters, including to prevent SSID broadcasts. Otherwise, most APs do actually invite clients that are within range to connect. Most of them, signal permitting, will do just that.

Re:

[igotmybfg]

I think your analogy is invalid.

First, listening to your neighbor's CDs is a passive act (inasmuch as you don't have to do anything to hear it), whereas piggybacking his WiFi is active, in the sense that you actively decided to get on his network.

Second, listening to your neighbor's CDs doesn't really harm the neighbor from an economic standpoint. The fact that your ears are hearing the music doesn't mean there is any less of it left for the neighbor, whereas that isn't true for the WiFi piece; if you'r

Ah, so if you leave your door open, that is an inv

[SmallFurryCreature]

You are saying that if you leave your door open, that is an invite? If you don't have a fence around your garden, just anyone can use it? God forbid you leave your car unlocked for a sec while loading/unloading. People will be borrowing it in a sec! What about simply dropping your wallet by accident. Obviously you didn't want it anymore, so I can just take it?

Perhaps I am just old but I still think that you don't take what belongs to someone else. Don't give me the crap about not knowing the difference bet

It's not mystery tech. anymore

[mandelbr0t]

The black-hats rely on the fact that no one can see what they are doing to succeed. In many cases, they are still capable of keeping their illegal activities underground. But a guy sitting next to a building with a laptop is kind of obvious. Kudos to the cops for challenging his existence there. I'll even put up with some nosy cops myself to see guys like the one they got go away. Now if only there were an electronic cop that would bring those cowardly, anonymous, SSH phishers and spammers to the surface...

autoconnect

[mastershake_phd]

What about when Windows auto-connects to an open AP? Sure you would probably never get arrested for it, but its still technically illegal isnt it?

Re:

[account_deleted]

Comment removed based on user account deletion

excuse to arrest him?

[valdean]

I wouldn't be surprised if his being arrested had more to do with him sitting in a car outside someone's house than piggybacking on someone's wireless Internet connection. If he'd been in a bedroom next door, it wouldn't have resembled stalking, and I bet he wouldn't have been prosecuted.

He asked to use the network

[AciDLnx]

His computer sent out a DHCP *REQUEST*. His computer said: "Can I have an IP address on this network? Can I have the information I need to get online from this access point?"

To which the access point replied: "Yes, you can have X.X.X.X. You can route your traffic through X.X.X.X."

He *asked* to use the network, and the network said *yes*.

Re:

[Darkon]

His computer sent out a DHCP *REQUEST*. His computer said: "Can I have an IP address on this network? Can I have the information I need to get online from this access point?"

To which the access point replied: "Yes, you can have X.X.X.X. You can route your traffic through X.X.X.X."

He *asked* to use the network, and the network said *yes*.

He *tried* the door handle. The door opened. Does this mean he had an automatic right to go inside? Technically possible != legal.

Re:He asked to use the network

[tinkerghost]

You really don't pay any attention to the details of the protocols do you?

He *tried* the door handle. The door opened. Does this mean he had an automatic right to go inside?

According to the RFC's governing DHCP, yes he does have an automatic right to use the service. Per the standards, it is the responsibility of the server owner to restrict access. The failure of the server owner to lock down the DHCP server no more changes the proper useage of the protocol than a store owner forgetting to lock the door & flip the sign at closing time. The DHCP client asks for & receives permission/configuration details. A customer walks into a business with an open door. Both are default allow scenarios, you don't knock on the door of a business, you try the door & walk in if it's open.

Re:He asked to use the network

[leighklotz]

> I tried to stand by your window to read my book using your light. The window let me. Does this mean I automatically get the right to use your light?
Is this a trick question? If you're standing in the street, yes.

Re:

[u19925]

Is the router authorized to let you connect? I don't think so. It can connect, but it has no authority. It is like a neighbor's electric plug point. It can supply electricity, but that doesn't mean you can use it without neighbor's permission (plug point's permission is not enough).

Re:

[mandelbr0t]

Cool. I have a computer program which solves those darned WEP riddles it keeps throwing at me. My computer reads the traffic from the router, determines the solution to the riddle and answers it correctly. After I answer the riddle, the router provides me with network information. I say it's a riddle because it doesn't take long for my computer to solve it. 'Cracking' takes much longer, I hear. I've done nothing but use the IEEE specification for radio frequency in that range. My computer has the appropriat

Open Networks Are Open

[shawn443]

First of all, punish people who break into closed networks not open ones. I have accidentally connected to an open network a time or two. Sorry, I meant to connect to the Linksys network, not the Linksys network. Secondly, if DLink and the like would default to a more secure configuration out of the box instead of pandering to the wanabe power users, this problem would be largely eliminated. The computer industry seems to want to make computers so easy anyone can do it. They can't. Take your car to a mechanic, take your clothes to a tailor, take your securely configured router that you can't figure out to me.

Re:

[u19925]

Read the article. It was no accidental connection. I am sure, he wouldn't have been arrested and convicted if there was any doubt at all that it was an accidental connection. There are some people who habitually steal network or break into other's system. Some do for fun, most do for some monetary gain and very few do by accident.

NintendoDS

[jshriverWVU]

How long till some kid with a NintendoDS get's arrested for playing Animal Crossing using an AP the software autodetected?

NintendoDS Arrests...

[drewzhrodague]

How long till some kid with a NintendoDS get's arrested for playing Animal Crossing using an AP the software autodetected?

NintendoDS/WiFi MP3 player/Wii network abuse arrests in 5... 4... 3...

Sitting in a car with a laptop is a bad idea. Bring a friend. Sit outside. Be very obvious. Politely answer questions when posed, and remember that uninformed people will think the worst first.

Have a mobile data card handy . . .

[div_2n]

Have a mobile data card handy just in case. Problem solved. "Officer, I'm using my mobile data card. I pulled over since driving while surfing isn't a great idea."

Summary misleading

[nebaz]

The second article says that the people providing the unsecured networks were "cautioned", but it doesn't say they were arrested. I don't think it's a crime to have an open network, though it might go against the TOS.

2005 story

[iangoldby]

Did anyone notice the date on that first story?

Last Updated: Thursday, 28 July 2005, 08:51 GMT 09:51 UK

That first story (with the £500 fine) was two years ago and concerned someone who hijacked a wireless connection.

The second story (the new one) concerned two people who were cautioned for using people's wi-fi broadband internet connections without permission.

In other news

[gvc]

Person fined for using MacDonald's toilet without being a customer.

Why does everyone assume the AP was open?

[SmallFurryCreature]

The article doesn't say it was, in fact it notes the details are extremely sketchy.

Furthermore, if I drop my wallet, does everyone here just assume that I don't want it anymore and you are therefore free to take it?

I had at one time a public access point, it was identified as "Free basic web access, be nice" or something and was run through a linux box wich filtered and limited access quite a bit AND logged everything. I did it mostly out of curiousity. Just what would people access through a connection provided by someone they didn't know?

The answer was suprisingly mundane. Mostly email and light browsing. The location was in Amsterdam in an apartment near the "kalvertoren" a few years ago. For the non-dutch this is in the heart of amsterdam, yes within walking distance of the red-light district. This is holland, everything is in walking distance.

HOWEVER I have also found in more recent years that if you leave an AP open for general use, some people WILL not automatically limit themselves to minimum use. Cue the by now old trick of simply filtering a specific users access to replace all their image requests with tubgirl (if you think goatse is bad, google for it).

Still simply securing your network ain't always enough. At least some wifi security can be easily bypassed. At what point do we say "this is secured enough, you are now commiting a crime".

Personally I think it is bad sign if a bike stolen from an open garden gets a response from the police that you should have a 1 meter high fence, that is locked and the bike should have secured to something. Perhaps some people like to live in a world were everything has to be secured, I prefer to just lock up those that cannot understand the difference between something you own and something someone else owns. Either way, it seems we need an awfull lot of locks in this world.

Re:

[geekoid]

So you opened your AP, and then sabotaged the images? you are an ass.

"Furthermore, if I drop my wallet, does everyone here just assume that I don't want it anymore and you are therefore free to take it?"

We are free to take it, whether or not you want it doesn't matter.
However, thaty anology is really flawed and shows a basic lack od understanding of how WiFi works.

I send out a signal.
I get a reply.
I say "hey can I connect"
I get a reply that says either:
NO!
Sure, I need a username and password.
Sure I need an

This guy was behaving rather strangely..

[vorlich]

The BBC page: http://news.bbc.co.uk/2/hi/uk_news/england/herefor d/worcs/6565079.stm [bbc.co.uk] is quite clear that residents called the police because this man had screened off the windows of his car with cardboard but the light from his laptop was still visible in the early hours of the morning.

Goodness only knows what he could possibly have being doing in there but I guess the local constabulary decided to charge him with a crime that they had evidence of.

So less a story about those brave wardrivers liberating the net from the bourgeoisie and more a story about someone wierdo having a wank.

If that's a slashdot word.

Wi-fi Humping and Sane Laws

[Plutonite]

Come on, people. There are plans to have free w-lan access across entire states for chrissake..how the hell is some crackhead with a laptop supposed to know the difference between a free "Linksys" and a neighbour's "Linksys" if the two are open for usage? If you want to protect your network then at least show an effort that would require technical skill to overcome. At least then you have a case that a sane court can judge upon, because your effort is then analogous to warning against trespassing.

I can't believe they charged the guy $1000 for something his adapter's Windows client probably did on it's own. Hell, my *Linux* wrapper drivers catch on to the open network with the best signal automatically. I have had to intervene manually several times to stop this piggybacking, or humping as I prefer to call it. And not many people know enough to do this. In particular, you can't expect people to click cancel on an OS that requires a confirmation every time you want to scratch your balls. Wake up, Britain.

Re:

[Elentari]

Well, I am, and I don't post the comment you just made on every story that concerns US law.

There are other countries besides yours.

Re:

[Pojut]

Yes, actually. Every single day, either myself or my flatmates (depending on who leaves last) locks the door.

Every.

Single.

Day.

Except for once. About three months ago, I accidently left the top lock unlocked...that day, we came home to a door that was busted in, 3 laptops were missing, two Xbox 360's, and a 42" plasma TV. Never noticed anyone suspicious in our neighborhood, only people that are ever in our place are our families/girlfriends.

So yes, I would say that leaving your house/car unlocked is the s

Re:

[$uperjay]

If I leave my door wide open the neighbours are welcome to drop in and say hello. I do, in fact, leave my wireless access point open for people in my neighbourhood to use. I like the people in my neighbourhood.

Re:

[Fallingcow]

If you've got a little electronic box next to your door with a sign that says, "ask here for entry" and a recording that automatically tells people, "sure, come on in!" when they ask... then yes.

And that's pretty much exactly what an open AP does.

Re:

[Fallingcow]

You have set up a device that broadcasts its existence and nature in the clear, and that is automatically granting access to its resources to anyone who asks.

If someone sets up a stand with some brochures and a sign that says, "take one," am I stealing if I take one without first asking whoever put it up? Is it my fault if they just wanted something to put their brochures in, and didn't bother to look at what it said, and then ALSO decided to put it in a public place?

Re:

[shawn443]

Not unless their laptop reads "Smith Home, an Open Home".