Posted on 01/07/2008 10:46:22 AM PST by SubGeniusX
Network security firm Sophos recently published a study on what it terms WiFi "piggybacking," or logging on to someone's open 802.11b/g/n network without their knowledge or permission. According to the company's study, which was carried out on behalf of The Times, 54 percent of the respondents have gone WiFi freeloading, or as Sophos put it, "admitted breaking the law [in the UK]."
Amazingly, accessing an unsecured, wide-open WiFi network without permission is illegal in some places, and not just in the UK. An Illinois man was arrested and fined $250 in 2006 for using an open network without permission, while a Michigan man who parked his car in front of a café and snarfed its free WiFi was charged this past May with "Fraudulent access to computers, computer systems, and computer networks." On top of that, it's common to read stories about WiFi "stealing" in the mainstream media.
It's time to put an end to this silliness. Using an open WiFi network is no more "stealing" than is listening to the radio or watching TV using the old rabbit ears. If the WiFi waves come to you and can be accessed without hacking, there should be no question that such access is legal and morally OK. If your neighbor runs his sprinkler and accidentally waters your yard, do you owe him money? Have you done something wrong? Have you ripped off the water company? Of course not. So why is it that when it comes to WiFi, people start talking about theft?
The issue is going to come to a head soon because more and more consumer electronics devices are WiFi-enabled, and many of them, including Apple's iPhone and most Skype phones we've used, come ready out of the box to auto-connect to open WiFi networks. Furthermore, as laptop sales continue to grow even beyond desktops, the use of open WiFi is only going to grow along with it.
Steal this WiFi connection!
When you steal something, there's typically a victim. With WiFi, Sophos thinks the ISPs are the victims. "Stealing WiFi Internet access may feel like a victimless crime, but it deprives ISPs of revenue," according to Sophos' senior technology consultant Graham Cluley. Furthermore, "if you've hopped onto your next door neighbors' wireless broadband connection to illegally download movies and music from the 'Net, chances are that you are also slowing down their Internet access and impacting on their download limit." In Sophos' view, then, both ISPs and everyday subscribers can be victims.
In one fell swoop, "stealing WiFi" gets mentioned in the same breath as "illegally" downloading movies and music. The fact is, people join open WiFis for all manner of reasons: to check e-mail, surf the web, look up directions to some place, etc. Those don't sound like nefarious activities, however, and certainly not activities which are likely to get someone in trouble. Of course if you run an open WAP (wireless access point) and it is heavily used for just e-mail, you could still hit your bandwidth cap (if you even have one), but that has to happen only once for that user to figure out what's up, and fix the problem. And let's be honest: it is their problem. No one forced that user to install a WAP or to leave it wide open. We'll get back to this in a minute.
The argument that using open WiFi networks deprives ISPs of significant revenue is also a red herring. Take the case of public WiFi hotspots: official hotspots aren't that difficult to find in major cities—every public library in Chicago has open WiFi, for instance. Are the public libraries and the countless other free hotspot providers helping defraud ISPs? No, they're not. There's no law that using the Internet requires payment of a fee to an ISP, and the myriad public hotspots prove this.
Really, there's only one time when you could argue that an ISP is being gypped, and that's when someone is repeatedly using his neighbor's open WiFi in lieu of paying for his own service. Is this really wrong? Let's consider some parallel examples. If the man in question were given a key and told that he could enter his neighbor's house whenever he wanted to use a PC to access the Internet, would this be wrong? Of course not. They key here (pun intended) is the "permission" given by the owner of the home. Our leeching friend would clearly be in the wrong if he were breaking into the house, of course, because he would be sidestepping something clearly set up to keep him out. If he has permission, I suppose one could argue that it's still not right, but you won't find a court that will punish such a person, nor will you find too many people thrilled at the idea that someone else can tell them who they can and can't allow into their homes for what purposes.
Some people leave their wireless access points wide open deliberately. A friend of mine and recent seminary graduate lived in a campus-owned apartment building. In addition to being a man of the cloth, Peter is a longtime Linux user and open-source advocate. While living here in Chicago, he got his DSL from Speakeasy and shared the connection with others in his building... and anyone else who needed a quick Internet fix (Speakeasy even encouraged this). He even positioned his router so that anyone in the church across the street could pick up a signal. Obviously, not everyone is like Peter. But despite easy-to-read instructions and a plethora of warnings about the need to secure your WAP, some people just can't be bothered to enable the most basic security settings.
To the person with a laptop and a sudden need to check e-mail or surf the web, it's not possible to tell who is leaving their access points open deliberately and who just plain doesn't care. The access point is there and the virtual doors are unlocked, so why not take advantage of it if you're in need?
A couple of caveats: be familiar with the law of the land. As the examples at the beginning of this story show, it's illegal to access a WAP without permission—even if it's wide open—in some places. Also, you should never use an open point for anything illegal or even unneighborly. Don't log onto the first "linksys" WAP you see and fire up a torrent for your favorite, just-released Linux distro.
And as always, don't leave your own 802.11b/g/n router wide open unless you're comfortable with random surfers using your 'Net access for their own purposes.
Open WiFi is clearly here to stay.
Yes, those are good if you really want to be secure.
The point of this thread is “is it tresspass or is it invitation?”, and cultural norms dictate that a “we’re open!” sign invites entry, while an unmarked door with a lock (even if unlocked) indicates “stay out”.
And leaving it unsecured, he could reasonably expect people to leech in every now and then. I certainly would. And now that I know you talked to him about securing it, and i know he knows about that option, I could reasonably argue that he left it open on purpose. He might actually want people to leech. Or he might not. But the potential leecher wouldn’t be able to tell the intention of the owner, would he? Except if you argued that the only way to discern intention is through the fact of his securing or not securing his bandwidth asset.
You are trying to trick us by calling it theft when whether it IS theft at all is what we are talking about. Your argument that it is theft needs to be more than calling it theft.
No it isn't. It's much more like my restroom analogy. The bus company doesn't care if you use their restroom at the bus terminal. They are not in the business of selling lavatory opportunities. They are selling transportation. Your analogy would be more like someone showing up at a restaurant at closing time and asking for the food the restaurant is about to discard.
ML/NJ
I like your analogy best so far. It’s why people who take info security seriously leave no doubt about it and tell you to get out if you don’t belong.
How is it theft if entry is INVITED? Once again: such a router is BROADCASTING "Hey everyone, I'm open & I'm free!" and happily hands out access codes upon request.
This analogy thing is driving me crazy!
I have WEP turned on and MAC filtering as well. MAC filtering is, for home use, your best bet, imho.
Face it, when it comes to home wi-fi, there are basically two types of users:
1) Power users and
2) Idjits.
We don’t have to worry about 1). And we will never do away with 2).
But it should still be THE OWNERS RESPONSIBILITY to secure the network.
Otherwise, what’s next? Swat teams busting down my door and handcuffing everybody within a 5 mile radius because somebody has evidence of wifijacking?
I have WPA with a 28 character password. I guess a hacker worth his salt could break into my system but why is he going to bother when my neighbor's connection is open?
Does anyone know what the law pertaining to WiFi access “piggybacking” is in Kentucky?
“If you buy a CD put it in your stereo, open your windows, turn your stereo up so it can be heard from the street, then someone walks by and hears your CD and stops to listen you paid for the CD and the stereo.
You going to have them arrested for stealing stereo and listening service?
Yea didn’t think so, or at least I would hope not.”
No, the way I see this is not opening my windows and broadcasting free music to everyone passing by. That would mean I am actively and purposely inviting people to use my service. I see it more akin to listening to my music and someone thinking that because my windows are not locked, they are free to open my windows to listen.
If I put a sign in my window offering FREE (insert whatever here), I would be actively giving it away. I do not see how this is the same as someone saying... “it is not locked, so it deserves to be stolen”.
I am protected. Hardware and software. It is just the entitlement to steal something not paid for just because it is not locked that gets me. Perhaps my posting thru this limited medium is making my opinion unclear.
When I use the neighbor's access point or any other that is not locked, I would treat the connection as my own in terms of abuse. I have WiFi at home but I have it locked based on WEP code and MAC address.
I have the same situation... my mother-in-law if comfortable using dial-up AOHell to send e-mail and sees no need to pay for a faster connection. Lucky for me, her neighbor installed a new D-Link Wireless-N router and left it unsecured.
I stay off of high-bandwidth sites when using that access point. I *could* have viewed YouTube to my heart's content (that wireless-N is *faaaast*), but I figure that some discretion is warranted.
Besides... I don't want my activity to cause the owner to enable the password. If he/she does, it's back to the coffee shop when we next visit.
Your router’s name is almost certainly the “linksys” entry. You can control it’s setup.
The 2wire186 and similar WiFi networks that you find are ISP (or city) provided wi-fi service. The “2wire186” network that you find will be WEP enabled. I know as I’ve tried to connect into these from several sources and have been unsucessful.
That's EXACTLY what we're talking about here.
You fire up your laptop, and invoke the "show available connections" window.
Your computer LISTENS for a few seconds.
It proceeds to show you a list of routers who are ACTIVELY inviting connection - no different than putting a sign in your window offering FREE (insert whatever here).
You click on the entry for your router, and it does absolutely nothing to resist access ... to the contrary, it happily hands out free access codes (DHCP IP addresses).
If your router's SSID broadcast setting is 'on', there is no WEP key required, MAC addresses are not "checked at the door", and has a live connection to the Internet, then YOU ARE ACTIVELY GIVING ACCESS AWAY.
Let's put it a different way: there IS NO OTHER WAY to say "free Wi-Fi Internet access here!"
Our problem with your posts amounts to the absurdity of you putting a sign in your window offering FREE (insert whatever here) and then denying that you are actively giving it away.
See post #114. I’m not familiar with the “2wire186” name, and would need additional info to diagnose. Seems #114 is much more familiar with the scenario.
To call it “theft” presumes that the owner doesn’t want you to use it and you are guilty of some sort of tort.
If somebody is willing to presume such a thing, then why should it not be the owners responsibility to secure their network?
Maybe he WANTS to leave it open so any Tom, Dick, or Harry can use it. We simply don’t know. And based on what we do know, we cannot make that legal conclusion.
Hot spots are another matter entirely. Their networks are set up as an added bonus sort of thing. Their business models include it, and they bear the expense of setting them up, so they have absolute dominion over who uses it and why and when.
Absolutely not.
You keep using terms like "theft" and "stealing" ("tresspassing" would be more accurate to what you're trying to express) in a situation that isn't criminal because it's invited.
Let's analogize your question:
"If my front door was unlocked and had an 'OPEN' sign on it, and someone walked in ... does that give me the right to shoot them?"
Understand?
I think 2wire186 is Qwest, not sure though.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.