Posted on 01/07/2008 10:46:22 AM PST by SubGeniusX
Network security firm Sophos recently published a study on what it terms WiFi "piggybacking," or logging on to someone's open 802.11b/g/n network without their knowledge or permission. According to the company's study, which was carried out on behalf of The Times, 54 percent of the respondents have gone WiFi freeloading, or as Sophos put it, "admitted breaking the law [in the UK]."
Amazingly, accessing an unsecured, wide-open WiFi network without permission is illegal in some places, and not just in the UK. An Illinois man was arrested and fined $250 in 2006 for using an open network without permission, while a Michigan man who parked his car in front of a café and snarfed its free WiFi was charged this past May with "Fraudulent access to computers, computer systems, and computer networks." On top of that, it's common to read stories about WiFi "stealing" in the mainstream media.
It's time to put an end to this silliness. Using an open WiFi network is no more "stealing" than is listening to the radio or watching TV using the old rabbit ears. If the WiFi waves come to you and can be accessed without hacking, there should be no question that such access is legal and morally OK. If your neighbor runs his sprinkler and accidentally waters your yard, do you owe him money? Have you done something wrong? Have you ripped off the water company? Of course not. So why is it that when it comes to WiFi, people start talking about theft?
The issue is going to come to a head soon because more and more consumer electronics devices are WiFi-enabled, and many of them, including Apple's iPhone and most Skype phones we've used, come ready out of the box to auto-connect to open WiFi networks. Furthermore, as laptop sales continue to grow even beyond desktops, the use of open WiFi is only going to grow along with it.
Steal this WiFi connection!
When you steal something, there's typically a victim. With WiFi, Sophos thinks the ISPs are the victims. "Stealing WiFi Internet access may feel like a victimless crime, but it deprives ISPs of revenue," according to Sophos' senior technology consultant Graham Cluley. Furthermore, "if you've hopped onto your next door neighbors' wireless broadband connection to illegally download movies and music from the 'Net, chances are that you are also slowing down their Internet access and impacting on their download limit." In Sophos' view, then, both ISPs and everyday subscribers can be victims.
In one fell swoop, "stealing WiFi" gets mentioned in the same breath as "illegally" downloading movies and music. The fact is, people join open WiFis for all manner of reasons: to check e-mail, surf the web, look up directions to some place, etc. Those don't sound like nefarious activities, however, and certainly not activities which are likely to get someone in trouble. Of course if you run an open WAP (wireless access point) and it is heavily used for just e-mail, you could still hit your bandwidth cap (if you even have one), but that has to happen only once for that user to figure out what's up, and fix the problem. And let's be honest: it is their problem. No one forced that user to install a WAP or to leave it wide open. We'll get back to this in a minute.
The argument that using open WiFi networks deprives ISPs of significant revenue is also a red herring. Take the case of public WiFi hotspots: official hotspots aren't that difficult to find in major cities—every public library in Chicago has open WiFi, for instance. Are the public libraries and the countless other free hotspot providers helping defraud ISPs? No, they're not. There's no law that using the Internet requires payment of a fee to an ISP, and the myriad public hotspots prove this.
Really, there's only one time when you could argue that an ISP is being gypped, and that's when someone is repeatedly using his neighbor's open WiFi in lieu of paying for his own service. Is this really wrong? Let's consider some parallel examples. If the man in question were given a key and told that he could enter his neighbor's house whenever he wanted to use a PC to access the Internet, would this be wrong? Of course not. They key here (pun intended) is the "permission" given by the owner of the home. Our leeching friend would clearly be in the wrong if he were breaking into the house, of course, because he would be sidestepping something clearly set up to keep him out. If he has permission, I suppose one could argue that it's still not right, but you won't find a court that will punish such a person, nor will you find too many people thrilled at the idea that someone else can tell them who they can and can't allow into their homes for what purposes.
Some people leave their wireless access points wide open deliberately. A friend of mine and recent seminary graduate lived in a campus-owned apartment building. In addition to being a man of the cloth, Peter is a longtime Linux user and open-source advocate. While living here in Chicago, he got his DSL from Speakeasy and shared the connection with others in his building... and anyone else who needed a quick Internet fix (Speakeasy even encouraged this). He even positioned his router so that anyone in the church across the street could pick up a signal. Obviously, not everyone is like Peter. But despite easy-to-read instructions and a plethora of warnings about the need to secure your WAP, some people just can't be bothered to enable the most basic security settings.
To the person with a laptop and a sudden need to check e-mail or surf the web, it's not possible to tell who is leaving their access points open deliberately and who just plain doesn't care. The access point is there and the virtual doors are unlocked, so why not take advantage of it if you're in need?
A couple of caveats: be familiar with the law of the land. As the examples at the beginning of this story show, it's illegal to access a WAP without permission—even if it's wide open—in some places. Also, you should never use an open point for anything illegal or even unneighborly. Don't log onto the first "linksys" WAP you see and fire up a torrent for your favorite, just-released Linux distro.
And as always, don't leave your own 802.11b/g/n router wide open unless you're comfortable with random surfers using your 'Net access for their own purposes.
Open WiFi is clearly here to stay.
It's perfectly legal to sniff packets traveling across your network (regardless of whether unauthorized nodes are connected) just like it's legal to have a guard dog tied up in the yard or hire a security service to monitor your house.
What a load of nonsense. Wifi broadcasts its signal to anyone. It COMES TO YOU; you do not even have to come to it at all.
That is NOT like going into an unlocked house, and that analogy is really tired and stupid.
That's not true. There are plenty of closed 2-meter repeaters that won't allow access unless you have paid a club membership. You can't encrypt it, but like you said, you can restrict access via MAC filtering or other means. THAT is legal.
If I were to go to one of the usenet sites used by illegal porn distributors and dl a few gigs of images or go to a sharing site and collect a dozen or two complete CDs, I’d be safer using someone else’s connection and an external drive. If the feds happened to be tracing IP returns, it would show some poor guy who never encrypted his router.
After the feds came in and take his box and ALL of the digital media in his house (some bad guys put data discs in music CD cases, labels and all, so FBI takes them), and a search of his house thorough enough to find a 16K thumb drive, and make the usual comments like “You are in deep, deep trouble. Just cooperate and we’ll ask the judge for leniency. You know, having over 200 images can get you twenty-four months in Club Fed...”, when they finally let him loose in six months of hearings and interviews, he’ll encrypt his router when he gets it back.
If I request permission from you and you agree, and I come inside to watch a game on a cable channel that I don't subscribe to at my house -- is that stealing?
It's impossible for me to connect to your wi-fi without your wi-fi giving my computer permission to do so.
One of the previous posters was right - the other three connections I get locally are "2wire" "netgear" etc. Folks just plugged in and turned on.
I blame irresponsible salesweasels / techs. Lots of ink gets spilled over patching the OS, but quite frankly, most patches are completely irrelevant with a solid firewall and tight wifi security, IMHO.
“It’s perfectly legal to sniff packets traveling across your network (regardless of whether unauthorized nodes are connected) just like it’s legal to have a guard dog tied up in the yard or hire a security service to monitor your house.”
Is it legally or morally ok, therefore, to send viruses to the computers stealing/sharing the bandwidth?
Can I fish there if you grant me permission to do so? Because it's impossible to connect to a wi-fi without the wi-fi either giving permission when asked or not giving permission and being denied by MAC filtering or password protection.
Close, but not quite.
If you just sat and gathered/watched whatever was broadcast out on your neighbor's Wifi network - then - your assumption is correct.
But, as soon as you ask for an IP and start surfing the web, traffic goes in two directions.
...And broadcasting an invitation to connect. If you don't want people to connect, then turn off the broadcast of your SSID and turn on MAC filtering or password protection. You can't complain about someone using a path through your backyard if you have a sign up inviting people to "use this path". If you put up a sign that says "trespass forbidden" (MAC address filtering or password protection), THEN you can complain.
The Wi-Fi equipment can't "give permission". It is hardware owned by some person or business. You must get permission from the person who owns, controls and pays for that Wi-Fi equipment before using it for your own purposes.
WiFi is *not* the same as tv or radio because as much as their signal goes into your house in either case unlike TV wifi is bidirectional so you with intent connect to a device in their home and leech their bandwidth..
Youre missing the point... An unlocked door does not grant explicit permission to come into my home and plug into my network. An unlocked connection (as dumb as that may be) also does not grant you explicit permission to use my network.
No, it isn't broadcasting an "invitation". That is YOUR misinterpretation. It is broadcasting an identifier. You are free to intercept and read the value of that identifier. That doesn't give you license to pursue a connection to the equipment that did the broadcasting.
If you happen to intercept information while sniffing the packet streams, you are constrained by the Communications Act of 1934 not to divulge anything you might learn without the explicit permission of the parties communicating. You can and will be prosecuted if you use that information. Ignorance of the law is no excuse.
we are not arguing about RECEIVING, it's TRANSMITTING over someone else's network that is the problem.
we are not arguing about RECEIVING, it's TRANSMITTING over someone else's network that is the problem.
Your wireless router is also transmitting a signal to my laptop without my permission. Maybe you should go to jail for that.
Do you have a license to transmit that signal onto my property?
It's a problem both ways. Unauthorized interception of communications is illegal. You can't effectively steal bandwidth unless a transmission is involved as the communications protocols demand activity in each direction. Most devices with an integrated Wi-Fi device have a means of disabling it. That is a requirement to operate the device on an aircraft. Enabling the device without prior authorization to connect to a network is an intentional act.
2.4 GHz Wi-Fi operates in an unlicense industrial band. No license is required as long as the emissions meet the FCC requirements for frequency, modulation and power. The FCC specifically requires you to tolerate any interference from other users of that frequency band. You don't have legal recourse.
Your wireless router is also transmitting a signal to my laptop without my permission. Maybe you should go to jail for that.
Again, you have no recourse given the laws on the books regarding transmissions from the device certified by the FCC. Cordless phones and microwave ovens also emit those frequencies. They are exempt under the same legal statutes.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.