Posted on 01/07/2008 10:46:22 AM PST by SubGeniusX
Network security firm Sophos recently published a study on what it terms WiFi "piggybacking," or logging on to someone's open 802.11b/g/n network without their knowledge or permission. According to the company's study, which was carried out on behalf of The Times, 54 percent of the respondents have gone WiFi freeloading, or as Sophos put it, "admitted breaking the law [in the UK]."
Amazingly, accessing an unsecured, wide-open WiFi network without permission is illegal in some places, and not just in the UK. An Illinois man was arrested and fined $250 in 2006 for using an open network without permission, while a Michigan man who parked his car in front of a café and snarfed its free WiFi was charged this past May with "Fraudulent access to computers, computer systems, and computer networks." On top of that, it's common to read stories about WiFi "stealing" in the mainstream media.
It's time to put an end to this silliness. Using an open WiFi network is no more "stealing" than is listening to the radio or watching TV using the old rabbit ears. If the WiFi waves come to you and can be accessed without hacking, there should be no question that such access is legal and morally OK. If your neighbor runs his sprinkler and accidentally waters your yard, do you owe him money? Have you done something wrong? Have you ripped off the water company? Of course not. So why is it that when it comes to WiFi, people start talking about theft?
The issue is going to come to a head soon because more and more consumer electronics devices are WiFi-enabled, and many of them, including Apple's iPhone and most Skype phones we've used, come ready out of the box to auto-connect to open WiFi networks. Furthermore, as laptop sales continue to grow even beyond desktops, the use of open WiFi is only going to grow along with it.
Steal this WiFi connection!
When you steal something, there's typically a victim. With WiFi, Sophos thinks the ISPs are the victims. "Stealing WiFi Internet access may feel like a victimless crime, but it deprives ISPs of revenue," according to Sophos' senior technology consultant Graham Cluley. Furthermore, "if you've hopped onto your next door neighbors' wireless broadband connection to illegally download movies and music from the 'Net, chances are that you are also slowing down their Internet access and impacting on their download limit." In Sophos' view, then, both ISPs and everyday subscribers can be victims.
In one fell swoop, "stealing WiFi" gets mentioned in the same breath as "illegally" downloading movies and music. The fact is, people join open WiFis for all manner of reasons: to check e-mail, surf the web, look up directions to some place, etc. Those don't sound like nefarious activities, however, and certainly not activities which are likely to get someone in trouble. Of course if you run an open WAP (wireless access point) and it is heavily used for just e-mail, you could still hit your bandwidth cap (if you even have one), but that has to happen only once for that user to figure out what's up, and fix the problem. And let's be honest: it is their problem. No one forced that user to install a WAP or to leave it wide open. We'll get back to this in a minute.
The argument that using open WiFi networks deprives ISPs of significant revenue is also a red herring. Take the case of public WiFi hotspots: official hotspots aren't that difficult to find in major cities—every public library in Chicago has open WiFi, for instance. Are the public libraries and the countless other free hotspot providers helping defraud ISPs? No, they're not. There's no law that using the Internet requires payment of a fee to an ISP, and the myriad public hotspots prove this.
Really, there's only one time when you could argue that an ISP is being gypped, and that's when someone is repeatedly using his neighbor's open WiFi in lieu of paying for his own service. Is this really wrong? Let's consider some parallel examples. If the man in question were given a key and told that he could enter his neighbor's house whenever he wanted to use a PC to access the Internet, would this be wrong? Of course not. They key here (pun intended) is the "permission" given by the owner of the home. Our leeching friend would clearly be in the wrong if he were breaking into the house, of course, because he would be sidestepping something clearly set up to keep him out. If he has permission, I suppose one could argue that it's still not right, but you won't find a court that will punish such a person, nor will you find too many people thrilled at the idea that someone else can tell them who they can and can't allow into their homes for what purposes.
Some people leave their wireless access points wide open deliberately. A friend of mine and recent seminary graduate lived in a campus-owned apartment building. In addition to being a man of the cloth, Peter is a longtime Linux user and open-source advocate. While living here in Chicago, he got his DSL from Speakeasy and shared the connection with others in his building... and anyone else who needed a quick Internet fix (Speakeasy even encouraged this). He even positioned his router so that anyone in the church across the street could pick up a signal. Obviously, not everyone is like Peter. But despite easy-to-read instructions and a plethora of warnings about the need to secure your WAP, some people just can't be bothered to enable the most basic security settings.
To the person with a laptop and a sudden need to check e-mail or surf the web, it's not possible to tell who is leaving their access points open deliberately and who just plain doesn't care. The access point is there and the virtual doors are unlocked, so why not take advantage of it if you're in need?
A couple of caveats: be familiar with the law of the land. As the examples at the beginning of this story show, it's illegal to access a WAP without permission—even if it's wide open—in some places. Also, you should never use an open point for anything illegal or even unneighborly. Don't log onto the first "linksys" WAP you see and fire up a torrent for your favorite, just-released Linux distro.
And as always, don't leave your own 802.11b/g/n router wide open unless you're comfortable with random surfers using your 'Net access for their own purposes.
Open WiFi is clearly here to stay.
Again, you have to be careful with analogies. Is there a time limit or a by-the-minute charge or a by-the-megabyte charge?
I have to disagree. Bandwidth is a fixed quantity for which the owner of the AP pays. Using unused bandwidth without permission is harmless enough but rather rude; competing with the legitimate owner for bandwidth is theft.
Secure your router and it shouldn't be much of an issue. There isn't any perfect security but intention to secure is demonstrated even by the presence of a WEP key. Leave it wide open and don't expect a lot of sympathy if freeloaders make your activity lights dance.
Free access isn't necessarily benign, either. Some idiot threatens to assassinate the President over your router and whose IP addy comes popping up on the Secret Service list? There's a way to prove you're innocent if you're logging the right stuff and know where to look for it but how many private owners bother?
There are are thousands of transmissions passing near/through/by you at any moment, it doesn't mean you have rights to intercept and respond.
Do you transmit on Police frequencies? Do you transmit to Air traffic control? Do You transmit to military bases?
No? Why not?
Because you are not authorized to do so. Just because you receive a transmission doesn't give you the right to TRANSMIT in response.
Maybe the guy picked a poor example.
Utilizing a restaurant's wi-fi is sort of like stopping in to using their restroom. They can stop you if they want to, but they usually don't. When you wash your hands or flush the toilet, you reduce they water pressure that can be delivered to their dishwashers, but it's usually so insignificant that the dishwashers will keep working just as they would have if you hadn't stopped by. In fact restroom use does have a small paper and maybe maintenance cost to the restaurant. I wonder if you consider that stealing. These costs have no analog associated with the drive-by wi-fiers.
ML/NJ
I wasn’t talking FCC regs. They are what they are.
I was talking ethics and more specifically the limited usefulness of analogies.
So theoretically, I could listen in on my neighbor’s wireless phone calls if I could figure out how to do it. In the old days, scanners could pick them up.
I don’t think I like the idea of having to board up my windows so that people cannot peep in and watch my TV. ;)
I pay for my service. I do not think it is ok for someone to steal it. If someone wants the service they should also pay for it.
Yes, my stuff is protected, but ... well, dunno... the thinking that it deserves to be stolen is not to my way of thinking. I grew up in a time that no one locked their houses or their cars. And when our moms sent us to the store, we left our bikes outside. No one ever, ever, thought that it deserved to be stolen.
Different times we live in, huh?
Anyone who references Pixies lyrics at Free Republic wins bonus points in my book. ;)
On the other side of things, it is perfectly legal to capture traffic on your wide open WLAN and it is also legal to access (or ‘monitor’) any computer accessing your private WLAN unless you publish a public privacy policy of some sort.
Come on! You're being silly. Transmitting on a ATC frequency makes that frequency unusable for its intended purpose for the entire time (plus a bit) during such a transmission. Drive-by wi-fiers checking their email do no such thing.
ML/NJ
You, him, are the future, and as always, only more to go.
The illegal user is transmitting to the receiver portion of the router and issuing commands for action- open the port, send my packet, when you get the return data for my packet, route it to me, not to the guy who paid for the connection and the router.
..But they do own their signal. And they own the equipment (wireless router) that you are using to access the internet.
So if it's okay for you to have unauthorized use of someone else's router, why shouldn't they have unauthorized use of the contents of your house?
A much-overlooked technical point with this issue:
For one to “piggyback”, “borrow”, “steal” etc. an open Wi-Fi connection, the conversation between the computer and the router goes something like this:
Router: “Hey everybody, there’s an active Wi-Fi router available named ‘linksys’ and it does not require a key to access!”
Laptop: “Hey, neat - can I connect?”
Router: “Sure!”
Laptop: “I don’t have a suitable IP address. Would you please give me one?”
Router: “Sure! Here, use 192.168.1.13!”
Laptop: “Great. Now, could you send this packet to www.google.com?”
Router: “Be happy to.”
...
Got that? The router:
- yells to everyone in radio earshot that the connection exists, is open, and is unlocked.
- hands out IP addresses to anyone who asks.
The real-world analogy might be: A building’s doorman periodically shouts “this door is open!” and hands a personalized nametag to anyone who asks to enter. It’s not just that the door is open and entrants are unchallenged, it’s that the door’s openness is actively advertised as such, and that instead of nobody challenging entrance or asking for ID, visitor ID tags are freely handed out.
Don’t want people to enter? Turn off “broadcast SSID” and require a WEP key - to wit: stop inviting people in and handing out visitor tags.
Not since Sheryl Crow set me straight..
It’s an odd beach, Free Republic. All sorts wash a shore.
Heck, theoretically you could chime in on the conversations. (I refuse to admit I’m old enough to remember party lines. That was way before I was born. Decades. Eons. Well, OK, but we only had the one (sob!))
That goes without saying....or at least it did until you said it.
I'm not anticipating a roving band of hackers to come through the neighborhood and start using my connection.
I guess I didn't make my point clearly enough so here we go again.
Too many people do not take ordinary care of their connections. Why make it easy?
I know hackers can always find a way, but why lay out a welcome mat for everybody and everybody's dog to glom onto your hookup by skipping the security features altogether?
Not since Sheryl Crow set me straight..
WEP and WPA keys are easy to break. Fortunately, there is enough free WiFi floating around that there is not real purpose in cracking the keys on a home network. Some uber nerds do it for fun, but by in large there isn’t anything there of interest.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.