Posted on 01/07/2008 10:46:22 AM PST by SubGeniusX
Network security firm Sophos recently published a study on what it terms WiFi "piggybacking," or logging on to someone's open 802.11b/g/n network without their knowledge or permission. According to the company's study, which was carried out on behalf of The Times, 54 percent of the respondents have gone WiFi freeloading, or as Sophos put it, "admitted breaking the law [in the UK]."
Amazingly, accessing an unsecured, wide-open WiFi network without permission is illegal in some places, and not just in the UK. An Illinois man was arrested and fined $250 in 2006 for using an open network without permission, while a Michigan man who parked his car in front of a café and snarfed its free WiFi was charged this past May with "Fraudulent access to computers, computer systems, and computer networks." On top of that, it's common to read stories about WiFi "stealing" in the mainstream media.
It's time to put an end to this silliness. Using an open WiFi network is no more "stealing" than is listening to the radio or watching TV using the old rabbit ears. If the WiFi waves come to you and can be accessed without hacking, there should be no question that such access is legal and morally OK. If your neighbor runs his sprinkler and accidentally waters your yard, do you owe him money? Have you done something wrong? Have you ripped off the water company? Of course not. So why is it that when it comes to WiFi, people start talking about theft?
The issue is going to come to a head soon because more and more consumer electronics devices are WiFi-enabled, and many of them, including Apple's iPhone and most Skype phones we've used, come ready out of the box to auto-connect to open WiFi networks. Furthermore, as laptop sales continue to grow even beyond desktops, the use of open WiFi is only going to grow along with it.
Steal this WiFi connection!
When you steal something, there's typically a victim. With WiFi, Sophos thinks the ISPs are the victims. "Stealing WiFi Internet access may feel like a victimless crime, but it deprives ISPs of revenue," according to Sophos' senior technology consultant Graham Cluley. Furthermore, "if you've hopped onto your next door neighbors' wireless broadband connection to illegally download movies and music from the 'Net, chances are that you are also slowing down their Internet access and impacting on their download limit." In Sophos' view, then, both ISPs and everyday subscribers can be victims.
In one fell swoop, "stealing WiFi" gets mentioned in the same breath as "illegally" downloading movies and music. The fact is, people join open WiFis for all manner of reasons: to check e-mail, surf the web, look up directions to some place, etc. Those don't sound like nefarious activities, however, and certainly not activities which are likely to get someone in trouble. Of course if you run an open WAP (wireless access point) and it is heavily used for just e-mail, you could still hit your bandwidth cap (if you even have one), but that has to happen only once for that user to figure out what's up, and fix the problem. And let's be honest: it is their problem. No one forced that user to install a WAP or to leave it wide open. We'll get back to this in a minute.
The argument that using open WiFi networks deprives ISPs of significant revenue is also a red herring. Take the case of public WiFi hotspots: official hotspots aren't that difficult to find in major citiesevery public library in Chicago has open WiFi, for instance. Are the public libraries and the countless other free hotspot providers helping defraud ISPs? No, they're not. There's no law that using the Internet requires payment of a fee to an ISP, and the myriad public hotspots prove this.
Really, there's only one time when you could argue that an ISP is being gypped, and that's when someone is repeatedly using his neighbor's open WiFi in lieu of paying for his own service. Is this really wrong? Let's consider some parallel examples. If the man in question were given a key and told that he could enter his neighbor's house whenever he wanted to use a PC to access the Internet, would this be wrong? Of course not. They key here (pun intended) is the "permission" given by the owner of the home. Our leeching friend would clearly be in the wrong if he were breaking into the house, of course, because he would be sidestepping something clearly set up to keep him out. If he has permission, I suppose one could argue that it's still not right, but you won't find a court that will punish such a person, nor will you find too many people thrilled at the idea that someone else can tell them who they can and can't allow into their homes for what purposes.
Some people leave their wireless access points wide open deliberately. A friend of mine and recent seminary graduate lived in a campus-owned apartment building. In addition to being a man of the cloth, Peter is a longtime Linux user and open-source advocate. While living here in Chicago, he got his DSL from Speakeasy and shared the connection with others in his building... and anyone else who needed a quick Internet fix (Speakeasy even encouraged this). He even positioned his router so that anyone in the church across the street could pick up a signal. Obviously, not everyone is like Peter. But despite easy-to-read instructions and a plethora of warnings about the need to secure your WAP, some people just can't be bothered to enable the most basic security settings.
To the person with a laptop and a sudden need to check e-mail or surf the web, it's not possible to tell who is leaving their access points open deliberately and who just plain doesn't care. The access point is there and the virtual doors are unlocked, so why not take advantage of it if you're in need?
A couple of caveats: be familiar with the law of the land. As the examples at the beginning of this story show, it's illegal to access a WAP without permissioneven if it's wide openin some places. Also, you should never use an open point for anything illegal or even unneighborly. Don't log onto the first "linksys" WAP you see and fire up a torrent for your favorite, just-released Linux distro.
And as always, don't leave your own 802.11b/g/n router wide open unless you're comfortable with random surfers using your 'Net access for their own purposes.
Open WiFi is clearly here to stay.
If the cashier gives you too much change back (like change for a 20, rather than the 5 with which you paid), it's not really stealing, is it? Well, yes it is. If the car's unlocked and the keys are in it, taking it for a ride isn't really stealing, is it?
In theory, having another computer on with you takes bandwidth and slows access. In practice, I have what amounts to an internet cafe in my house that my kids use, bringing their laptops over, and Ive never noticed any difference.
First off, regarding having multiple users on your home network, if you check with your terms of service, it's allowed. A few years ago, some people were surprised to see that they could be charged for extra usage if a router was installed. And regarding bandwidth, it depends on what that person is doing... Let's say that they're using your WAP to download kiddie porn, music files, or movies... You'll wonder why things are moving so slowly, plus you could well have contact with lawyers.
Mark
Cut and paste to the wpa-psk setup page in the router, and same in wireless login setup on the computer. Can be put on a USB key too.
Mel
Irrelevant. You have not demonstrated how simply connecting to an open wifi connection and browsing the net will allow someone to read the packets another user is sending/receiving. The short answer: they can't. It requires specialty programs like Ethereal and specific intent. Just connecting to an open wifi is not "sniffing the packets" as you alleged. Sniffing requires one to collect and read someone else's packets. You don't even have to connect to the AP to do that, you can just snarf them up out of the air as they are passed back and forth between third parties. If you have all the experience you claim and still don't know the difference you are either lying about you experience or lying about the difference between sniffing a packet stream and a simple connection to a network. Either one speaks poorly of your character.
Exactly correct, Wil, and completely misses the point of the article.
Try again.
It was three weeks before he was arraigned (they kept him busy with paperwork and stuff, he was at home, they did lots of negotiating and plea offers) and after arraignment FBI called his work and told them he’d been arrested, so he lost his job. They issued a court order for him to stay away from children or where children congregate (like his daughter’s school and church school and soccer) and sent a copy to his daughter’s school.
Things went along these lines for a while. Interviews, lawyers, documents to sign, permissions to give, negotiations with his lawyer. Very costly considering he’s out of work now.
Around month six, they announced that they’d gone over everything and had discovered actionable items, he was going to be charged. It took another year, maybe 18 months, before things got settled. He’s doing time in lovely LA harbor now as you read this, for possession of a bunch of pictures, over 200 which is a breakpoint for the sentencing guidelines. He pled guilty, by the way.
No, this had nothing to do with wireless, but it’s the six months from warrant to charge and the money he spent that’s disturbing. If they had found nothing, he’d still be out of his old job and missing lots of his savings.
Even if the whole process took four months and he got acquitted, it’s easily avoidable (don’t look at porn and keep your wireless locked up).
So yes, it helps in court, but believe me based on this guy’s experience there is much unpleasantness before you even get to court.
I keep my router locked up tight!
How do they catch people RECIEVING electromagnetic waves? THat’s pure idiocy. The whole point of my post is that criminalizing wifi “stealing” is a step in that direction of idiocy.
What’s next? issuing licenses to receive sunlight? How about unauthorized use of our planet’s limited supply of oxygen?
marked to read later
That's kind of like saying drinking water deprives Coca-Cola of revenue, which it surely does.
If they stay off of my puter, don't mess with my files,and don’t cramp my speed, then help yourself.
My Internet provider is nothing but a monolithic bandit anyhow.
"Stealing WiFi Internet access may feel like a victimless crime, but it deprives ISPs of revenue,"
IIRC we had one in the 80’s that you could listen to using a short wave radio.
They found illegal (we both know what that means) porn on his drive. Sounds like the 'someone' who downloaded was your foaf.
Not related to open WIFI issue at all.
It's simple, an unsecured WIFI is an attractive nuisance, just like a swimming pool without a fence. The owner should be responsible for securing it. My networks SSID 'NessisIsListening' secured by WPA2 with a nice long pass phrase.
Your radio wave pollution is penetrating my property, which would otherwise be considered trespassing if the FCC didn’t claim jurisdiction, and trespassing through my body and the bodies of my family and pets, hypothetically increasing the risk of cancer to my family, yet the law says the trespasser and the source of cancer has greater rights than the victims.
If you don’t like this argument, why don’t you go set up a microwave tower dish next to your neighbor’s bedroom, when they peel your deceased neighbor’s melted fat off the floor of the bedroom, you can then sue his estate for stealing your microwave energy.
WEP is useless from a security standpoint, but at least it clearly delineates a moral line being crossed, in that someone has to download a cracking tool to get into your system. Piggybacking on a completely open system on the other hand is a moral gray area as far as I’m concerned.
I said it was not related to wifi.
He downloaded stuff, no question in my mind at all. Or the jury! But it took a long uncomfortable time before he was even charged.
Point is, it was a long, long time before he even got to enter a plea or be given his day in court, if he had been innocent it would still have been months. He lost his job on arraignment, not sentencing.
The long personal post (I rarely post personal stuff here) was in response to a comment that if you got accused of doing something wrong online, not being aware of who was using your connection was a defense.
Sure, if you are willing to lose your job and spend $150,000 before you even get to trial! My point was that it is not trivial to get out of a situation like that.
Better to protect yourself from the problem to start.
Wi Foo is an excellent resource for improving your relevant experience. Amazon shows Wi Foo II coming out in July 2008.
HA! :-) Funny! :-)
I don't know if you really do that because a handheld yagi is much more useful than a magnetic mount omni antenna for that purpose. Obviously, you know that in principle from your HAM experience.
People are caught when they divulge the information they received eavedropping on a private communication. Cable companies catch thieves by using a truck mounted receiver with a directional antenna to pick up the local oscillators of a cable box. They make lots of digital noise with a fairly specific signature. It's a paying proposition to catch and fine the thieves.
I put a GPS receiver, 802.11b Ethernet converter and Kyocera M200 (1xRTT) on each of my research rail cars. The PC104 (linux) computer sets up a PPP link to VerizonWireless. As the cars move around the country, they send a GPS lat/lon/timestamp/battery voltage to my web server in Mclean, VA. That allows me to track the cars and create a coverage profile for VerizonWireless. The cars employ OLSR mesh networking so telemetry to/from the locomotive can traverse the train even when line of sight is lost around a curve. The link state up update 5 times per second. As a proactive mesh network it provides minimal latency for time critical controls. Connectivity to devices on the car is accomplished with a CAN network at 125 KHz.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.