Posted on 01/07/2008 10:46:22 AM PST by SubGeniusX
Network security firm Sophos recently published a study on what it terms WiFi "piggybacking," or logging on to someone's open 802.11b/g/n network without their knowledge or permission. According to the company's study, which was carried out on behalf of The Times, 54 percent of the respondents have gone WiFi freeloading, or as Sophos put it, "admitted breaking the law [in the UK]."
Amazingly, accessing an unsecured, wide-open WiFi network without permission is illegal in some places, and not just in the UK. An Illinois man was arrested and fined $250 in 2006 for using an open network without permission, while a Michigan man who parked his car in front of a café and snarfed its free WiFi was charged this past May with "Fraudulent access to computers, computer systems, and computer networks." On top of that, it's common to read stories about WiFi "stealing" in the mainstream media.
It's time to put an end to this silliness. Using an open WiFi network is no more "stealing" than is listening to the radio or watching TV using the old rabbit ears. If the WiFi waves come to you and can be accessed without hacking, there should be no question that such access is legal and morally OK. If your neighbor runs his sprinkler and accidentally waters your yard, do you owe him money? Have you done something wrong? Have you ripped off the water company? Of course not. So why is it that when it comes to WiFi, people start talking about theft?
The issue is going to come to a head soon because more and more consumer electronics devices are WiFi-enabled, and many of them, including Apple's iPhone and most Skype phones we've used, come ready out of the box to auto-connect to open WiFi networks. Furthermore, as laptop sales continue to grow even beyond desktops, the use of open WiFi is only going to grow along with it.
Steal this WiFi connection!
When you steal something, there's typically a victim. With WiFi, Sophos thinks the ISPs are the victims. "Stealing WiFi Internet access may feel like a victimless crime, but it deprives ISPs of revenue," according to Sophos' senior technology consultant Graham Cluley. Furthermore, "if you've hopped onto your next door neighbors' wireless broadband connection to illegally download movies and music from the 'Net, chances are that you are also slowing down their Internet access and impacting on their download limit." In Sophos' view, then, both ISPs and everyday subscribers can be victims.
In one fell swoop, "stealing WiFi" gets mentioned in the same breath as "illegally" downloading movies and music. The fact is, people join open WiFis for all manner of reasons: to check e-mail, surf the web, look up directions to some place, etc. Those don't sound like nefarious activities, however, and certainly not activities which are likely to get someone in trouble. Of course if you run an open WAP (wireless access point) and it is heavily used for just e-mail, you could still hit your bandwidth cap (if you even have one), but that has to happen only once for that user to figure out what's up, and fix the problem. And let's be honest: it is their problem. No one forced that user to install a WAP or to leave it wide open. We'll get back to this in a minute.
The argument that using open WiFi networks deprives ISPs of significant revenue is also a red herring. Take the case of public WiFi hotspots: official hotspots aren't that difficult to find in major cities—every public library in Chicago has open WiFi, for instance. Are the public libraries and the countless other free hotspot providers helping defraud ISPs? No, they're not. There's no law that using the Internet requires payment of a fee to an ISP, and the myriad public hotspots prove this.
Really, there's only one time when you could argue that an ISP is being gypped, and that's when someone is repeatedly using his neighbor's open WiFi in lieu of paying for his own service. Is this really wrong? Let's consider some parallel examples. If the man in question were given a key and told that he could enter his neighbor's house whenever he wanted to use a PC to access the Internet, would this be wrong? Of course not. They key here (pun intended) is the "permission" given by the owner of the home. Our leeching friend would clearly be in the wrong if he were breaking into the house, of course, because he would be sidestepping something clearly set up to keep him out. If he has permission, I suppose one could argue that it's still not right, but you won't find a court that will punish such a person, nor will you find too many people thrilled at the idea that someone else can tell them who they can and can't allow into their homes for what purposes.
Some people leave their wireless access points wide open deliberately. A friend of mine and recent seminary graduate lived in a campus-owned apartment building. In addition to being a man of the cloth, Peter is a longtime Linux user and open-source advocate. While living here in Chicago, he got his DSL from Speakeasy and shared the connection with others in his building... and anyone else who needed a quick Internet fix (Speakeasy even encouraged this). He even positioned his router so that anyone in the church across the street could pick up a signal. Obviously, not everyone is like Peter. But despite easy-to-read instructions and a plethora of warnings about the need to secure your WAP, some people just can't be bothered to enable the most basic security settings.
To the person with a laptop and a sudden need to check e-mail or surf the web, it's not possible to tell who is leaving their access points open deliberately and who just plain doesn't care. The access point is there and the virtual doors are unlocked, so why not take advantage of it if you're in need?
A couple of caveats: be familiar with the law of the land. As the examples at the beginning of this story show, it's illegal to access a WAP without permission—even if it's wide open—in some places. Also, you should never use an open point for anything illegal or even unneighborly. Don't log onto the first "linksys" WAP you see and fire up a torrent for your favorite, just-released Linux distro.
And as always, don't leave your own 802.11b/g/n router wide open unless you're comfortable with random surfers using your 'Net access for their own purposes.
Open WiFi is clearly here to stay.
Then why is your router broadcasting its name, telling everyone it's unlocked, and actively handing out access codes to anyone who asks?
Which proves that the UK is an insane nation of serfs - so what?
Not since Sheryl Crow set me straight..
Let’s say I have a house on a river and no fence. So if people go into my yard to fish without permission they’re not trespassing? No, I paid extra for a house with that location, and the right to fish on it is mine.
Likewise, I’m paying for broadband, a WiFi router and the electricity to run it. It’s network trespass, although admittedly the nature of WiFi and the automatic connection mechanisms of operating systems means that people can accidentally trespass.
I'll begin this statement by noting that I have a wireless router that I suppose isn't secure. I don't recall ever "securing" it and unless the instruction manual specifically told me how to secure it, I'm not.
But to answer your question, it seems to me that the primary difference between the two is that if someone comes into my house and uses my stuff, it typically is depleted in some way, but that's not really true for using some one else's wireless. For instance, if my neighbor walks over to my house and drinks the can of Dr. Pepper that I have in the fridge, when he drinks it, it's gone. I don't have my can of Dr. Pepper any longer. But with my wifi, it's different. My neighbor can use my Internet and I've still got Internet--assuming, of course, my neighbor isn't doing any sort of Internet usage that is out of the ordinary.
It seems sort of similar to how if I play my stereo at loud volumes, I could complain that my neighbors are listening to my Journey cd without paying for it. Maybe they are--but what do I care?
By it’s design, the wi-fi is broadcast to anyone that can use it. Unless a person puts a sign out front that says it’s ok to come in and take stuff, it is considered private property.
If you play your music loud, does everone have to cover their ears so that they are not stealing from you? Does everyone in earshot have to pony up to the artist or record company?
I finally went to my neighbor and told him to secure his router. Stories about people surfing kiddie porn or downloading music using his identity helped convince him to do it.
The proper comparison is to a TV set in a bar tuned to the Big Game. It's intended to draw in customers. The bartender could throw out anyone he sees strolling in and watches the game fro some extended time X without buying a drink. He would not be able to arrest such a person for trespass unless he became abusive and refused to move along when requested.
Excellent analogy. Receiving public transmissions should not be illegal as long as they are not secured. All the individual is doing is receiving a signal like tv, radio. As long as transmissions are not secured it should be LEGAL.
Sounds to me like the owner is transmitting an invitation to connect.
There are so many free, available wi-fi connections available, that even a small amount of security will make them try one of the other signals. We are not talking about highly motivated people here...they tend to to follow the "path of least resistance" and any effort you can make to make your path less easy is a step in the right direction.
“Stories about people surfing kiddie porn or downloading music using his identity helped convince him to do it.”
But he would have been perfectly within his rights not to secure it, right?
If somebody runs a network and WANTS it to be secure,
they should spend some time and energy to MAKE it secure.
If I can drive by and log on, then some Islamic terrorist type can do it too.
Trouble is, people buy the stuff and ask the salesman and he says “Well, just plug it in, and it should work...” like it’s just a toaster or something.
They could just as easily make it a crime to have an unencrypted network.
What if they were downloading child porn, and the Feds came after you? Your ISP directed them to your connection.
Can you prove YOU did not download the porn?
Or music, or DVDs, etc.
I would want my WiFi protected for these reasons.
Comments??? I have a wireless router in the box, and haven’t hooked it up yet due to my ignorance in these areas.
But my real point is that there is a full spectrum of transmissions in the air at any time, and just because you have the ability to intercept any of them doesn't inherently give you the right to respond to ANY of them which has been the premise of the argument from the outset.
It's like justifying riding on transportation with paying for your ticket, after all, the bus/train/plane was going there anyway.
WPA keys are not easy to break unless they are weak to begin with. Any literature on the topic specifies that WPA’s vulnerabilities rest in the use of weak passwords. Most WPA schemes use some sort of built-in randomizer, making the keys strong. Script kiddies can crack weak passwords with freely available software. Good passwords, however, are safe.
WPA keys are not easy to break unless they are weak to begin with. Any literature on the topic specifies that WPA’s vulnerabilities rest in the use of weak passwords. Most WPA schemes use some sort of built-in randomizer, making the keys strong. Script kiddies can crack weak passwords with freely available software. Good passwords, however, are safe.
So the victim is the neighbor whose connection has been slowed. He's victim Numero Uno. The ISP doesn't figure into it. And yet, they get first mention.
You know, if the ISP is that worried, they should go around to their clients and offer free security services to scramble or protect those signals. But they won't.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.