Posted on 01/07/2008 10:46:22 AM PST by SubGeniusX
Network security firm Sophos recently published a study on what it terms WiFi "piggybacking," or logging on to someone's open 802.11b/g/n network without their knowledge or permission. According to the company's study, which was carried out on behalf of The Times, 54 percent of the respondents have gone WiFi freeloading, or as Sophos put it, "admitted breaking the law [in the UK]."
Amazingly, accessing an unsecured, wide-open WiFi network without permission is illegal in some places, and not just in the UK. An Illinois man was arrested and fined $250 in 2006 for using an open network without permission, while a Michigan man who parked his car in front of a café and snarfed its free WiFi was charged this past May with "Fraudulent access to computers, computer systems, and computer networks." On top of that, it's common to read stories about WiFi "stealing" in the mainstream media.
It's time to put an end to this silliness. Using an open WiFi network is no more "stealing" than is listening to the radio or watching TV using the old rabbit ears. If the WiFi waves come to you and can be accessed without hacking, there should be no question that such access is legal and morally OK. If your neighbor runs his sprinkler and accidentally waters your yard, do you owe him money? Have you done something wrong? Have you ripped off the water company? Of course not. So why is it that when it comes to WiFi, people start talking about theft?
The issue is going to come to a head soon because more and more consumer electronics devices are WiFi-enabled, and many of them, including Apple's iPhone and most Skype phones we've used, come ready out of the box to auto-connect to open WiFi networks. Furthermore, as laptop sales continue to grow even beyond desktops, the use of open WiFi is only going to grow along with it.
Steal this WiFi connection!
When you steal something, there's typically a victim. With WiFi, Sophos thinks the ISPs are the victims. "Stealing WiFi Internet access may feel like a victimless crime, but it deprives ISPs of revenue," according to Sophos' senior technology consultant Graham Cluley. Furthermore, "if you've hopped onto your next door neighbors' wireless broadband connection to illegally download movies and music from the 'Net, chances are that you are also slowing down their Internet access and impacting on their download limit." In Sophos' view, then, both ISPs and everyday subscribers can be victims.
In one fell swoop, "stealing WiFi" gets mentioned in the same breath as "illegally" downloading movies and music. The fact is, people join open WiFis for all manner of reasons: to check e-mail, surf the web, look up directions to some place, etc. Those don't sound like nefarious activities, however, and certainly not activities which are likely to get someone in trouble. Of course if you run an open WAP (wireless access point) and it is heavily used for just e-mail, you could still hit your bandwidth cap (if you even have one), but that has to happen only once for that user to figure out what's up, and fix the problem. And let's be honest: it is their problem. No one forced that user to install a WAP or to leave it wide open. We'll get back to this in a minute.
The argument that using open WiFi networks deprives ISPs of significant revenue is also a red herring. Take the case of public WiFi hotspots: official hotspots aren't that difficult to find in major cities—every public library in Chicago has open WiFi, for instance. Are the public libraries and the countless other free hotspot providers helping defraud ISPs? No, they're not. There's no law that using the Internet requires payment of a fee to an ISP, and the myriad public hotspots prove this.
Really, there's only one time when you could argue that an ISP is being gypped, and that's when someone is repeatedly using his neighbor's open WiFi in lieu of paying for his own service. Is this really wrong? Let's consider some parallel examples. If the man in question were given a key and told that he could enter his neighbor's house whenever he wanted to use a PC to access the Internet, would this be wrong? Of course not. They key here (pun intended) is the "permission" given by the owner of the home. Our leeching friend would clearly be in the wrong if he were breaking into the house, of course, because he would be sidestepping something clearly set up to keep him out. If he has permission, I suppose one could argue that it's still not right, but you won't find a court that will punish such a person, nor will you find too many people thrilled at the idea that someone else can tell them who they can and can't allow into their homes for what purposes.
Some people leave their wireless access points wide open deliberately. A friend of mine and recent seminary graduate lived in a campus-owned apartment building. In addition to being a man of the cloth, Peter is a longtime Linux user and open-source advocate. While living here in Chicago, he got his DSL from Speakeasy and shared the connection with others in his building... and anyone else who needed a quick Internet fix (Speakeasy even encouraged this). He even positioned his router so that anyone in the church across the street could pick up a signal. Obviously, not everyone is like Peter. But despite easy-to-read instructions and a plethora of warnings about the need to secure your WAP, some people just can't be bothered to enable the most basic security settings.
To the person with a laptop and a sudden need to check e-mail or surf the web, it's not possible to tell who is leaving their access points open deliberately and who just plain doesn't care. The access point is there and the virtual doors are unlocked, so why not take advantage of it if you're in need?
A couple of caveats: be familiar with the law of the land. As the examples at the beginning of this story show, it's illegal to access a WAP without permission—even if it's wide open—in some places. Also, you should never use an open point for anything illegal or even unneighborly. Don't log onto the first "linksys" WAP you see and fire up a torrent for your favorite, just-released Linux distro.
And as always, don't leave your own 802.11b/g/n router wide open unless you're comfortable with random surfers using your 'Net access for their own purposes.
Open WiFi is clearly here to stay.
Whether it's stealing solely depends on your intent, and it's up to the other person to determine that. Leaving WiFi open for your neighbors is getting popular, and routers have been made that have two firewalled sides for your security, one for you and one for the free WiFi you're providing, both using the same broadband connection. I believe the British phone company is even encouraging people to have open WiFi so there will be more coverage for mobile devices.
This will drive the RIAA and others nuts when it gets more popular, as going by the IP address (if using NAT) would mean nothing anymore.
But when that's popular we will have to have a shift in thinking and law to what the author thinks: leaving it open is implicit license to use it. We already do this for the private property most of us visit every day, such as stores and restaurants. If we don't do this you could accidentally break the law 20 times by driving down the road with your iPhone.
Not only that, but the router may only support a small number of different IP addresses and you may be denying the rightful owner of the router from attaching all the devices that he/she wants to at any time.
I understand that and indeed the FCC regs are what they are, but they also make it quite LEGAL for anyone to use those frequencies AS IS.
I understand the idea of ethics and no, *I* wouldn’t use someone’s WiFi without permission, but others have used mine....
Of course.
On some popular non-Windows platforms, the radio can be configured to automatically find and connect to the best signal without notifying the user. I typically use that mode.
The burden belongs to the access point operator to take affirmative steps to limit access with encryption, password protection, MAC filtering, etc. If the access point is wide open on an unlicensed frequency, it should be considered a public-access connection.
At home, I get “linksys” and something called “2wire186” as WiFi possibilities. Can you maybe shed some light on what this means - I used to have a 2wire router on my DSL connection but now have Comcast, and my laptop at home is WiFi ready. Could it be the 2wire186 is actually my home WiFi connection?
This discussion is absolutely intriguing.
Don't ever leave your house unlocked , I might just help myself, after all, it's not really stealing, is it?
If someone comes into your house and uses your wi-fi, that's trespassing. To a lesser degree, it's also trespassing if they walk onto your lawn and log on. But if you send a signal out to the public sidewalk or the street with no password protection, that's your carelessness. It's not stealing.
That’s way I protect mine and do not open it to public access.
You shouldn’t be scared to use it. Just take a little time to figure out the security and turn it on.
jw
Wrong. Radio and TV are over the air broadcast intended for a receive-only application. Wi-Fi traffic is fed from an internet connection that exists because someone is paying for that connectivity. The Wi-Fi thief is transmitting traffic into the stolen connection and consuming incoming bandwidth...both to the detriment of the victim whose equipment is illegally being accessed.
In addition, IMHO if a neighbor doesn't see fit to encrypt his WAP, he is giving his permission for anyone in range to access his connection.
That “stolen connection” is actively broadcasting “I’m here! I’m free! Connect to me!” and hands out access codes (to wit DHCP auto-assignment of IP addresses) to anyone who asks for one. Hardly “theft” when it’s being advertised and actively supported.
Want to prevent “theft” or otherwise make it clear outsiders are not welcome?
- shut off SSID broadcast (the “Hey! I’m here! I’m free!” thing).
- turn on WEP encryption (the lock-on-your-front-door thing).
- turn of DHCP assignment (the here’s-your-visitor-card thing).
- enable MAC filtering (the “who are you?” thing).
If you’re telling the world they can connect, and make it trivially easy to do so, and thus make it look exactly like it’s deliberately open for public use (like mine), then it’s not tresspass/theft/whatever.
You can do more. Turn off broacast SSID, turn off DHCP, apply a MAC filter to accept only MAC addresses from devices you have authorized, employ WPA2 with AES crypto. Internal directional antennas to keep your Wi-Fi signal on your own property also helps. A filtered range of IP addresses associated with specific MAC addresses can ward off the clown who tries to clone the MAC address of one of your authorized devices.
That “stolen connection” is actively broadcasting “I’m here! I’m free! Connect to me!” and hands out access codes (to wit DHCP auto-assignment of IP addresses) to anyone who asks for one. Hardly “theft” when it’s being advertised and actively supported.
Want to prevent “theft” or otherwise make it clear outsiders are not welcome?
- shut off SSID broadcast (the “Hey! I’m here! I’m free!” thing).
- turn on WEP encryption (the lock-on-your-front-door thing).
- turn of DHCP assignment (the here’s-your-visitor-card thing).
- enable MAC filtering (the “who are you?” thing).
If you’re telling the world they can connect, and make it trivially easy to do so, and thus make it look exactly like it’s deliberately open for public use (like mine), then it’s not tresspass/theft/whatever.
If you buy a CD put it in your stereo, open your windows, turn your stereo up so it can be heard from the street, then someone walks by and hears your CD and stops to listen you paid for the CD and the stereo.
You going to have them arrested for stealing stereo and listening service?
Yea didn’t think so, or at least I would hope not.
I agree, and I use windows and linux on my systems at home. I use a wireless broadband provider and I’m not SUPPOSED to give away access. It’s against their rules, but not against the law.
I agree, and I use windows and linux on my systems at home. I use a wireless broadband provider and I’m not SUPPOSED to give away access. It’s against their rules, but not against the law.
” “ pay for my service. I do not think it is ok for someone to steal it.” “
“Then why is your router broadcasting its name, telling everyone it’s unlocked, and actively handing out access codes to anyone who asks?”
I am not unlocked. I am protected with both hardware and software. I was addressing the viewpoint that states... if it is not locked, then it is fair game for theft.
” “ pay for my service. I do not think it is ok for someone to steal it.” “
“Then why is your router broadcasting its name, telling everyone it’s unlocked, and actively handing out access codes to anyone who asks?”
I am not unlocked. I am protected with both hardware and software. I was addressing the viewpoint that states... if it is not locked, then it is fair game for theft.
” “ pay for my service. I do not think it is ok for someone to steal it.” “
“Then why is your router broadcasting its name, telling everyone it’s unlocked, and actively handing out access codes to anyone who asks?”
I am not unlocked. I am protected with both hardware and software. I was addressing the viewpoint that states... if it is not locked, then it is fair game for theft.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.