Posted on 07/02/2011 12:13:03 AM PDT by LibWhacker
A federal judge ruled that Google can be sued for wiretapping after sniffing open Wi-Fi in Wi-Spy privacy lawsuit about wardriving Street View vehicles.
Looks like Google Street View cars may have been "officially" riding dirty and Google may get slapped hard for its Wi-Spy fiasco. A federal judge did not dismiss the case against Google; instead in the first such decision of its kind, the judge ruled that sniffing open Wi-Fi packets might violate the Federal Wiretap Act.
Remember when intelligence gathering ability was allegedly "going dark" due to the masses moving to VoIP like Skype and the feds had wanted CALEA to require a backdoor so law enforcement can intercept online encrypted communication? Microsoft's "Legal Intercept" patent to monitor VoIP may be the easy-access eavesdropping the feds were hoping for, but it also wasn't too long ago when the FBI was seeking Google's help in wiretapping. It's doubtful the kind of wiretapping help the FBI wanted would have included when the Internet search giant intercepted packets on non-password-protected Wi-Fi networks. But now Google may be legally liable for wiretapping in regards to the 600GB "payload" of MAC addresses, usernames, emails, passwords and other "private" data gobbled up by Street View mapping vehicles.
U.S. District Judge James Ware ruled, [PDF] "The court finds that plaintiffs plead facts sufficient to state a claim for violation of the Wiretap Act. In particular, plaintiffs plead that defendant intentionally created, approved of, and installed specially-designed software and technology into its Google Street View vehicles and used this technology to intercept plaintiffs' data packets, arguably electronic communications, from plaintiffs' personal Wi-Fi networks. Further, plaintiffs plead that the data packets were transmitted over Wi-Fi networks that were configured such that the packets were not readable by the general public without the use of sophisticated packet-sniffer technology."
Although Google argued the data was "readily accessible to the general public," because the networks "were 'open' and 'unencrypted'" and should not then qualify as a wiretapping violation, Judge Ware called that claim "misplaced." This case is important on many levels as it may determine if sniffing open Wi-Fi packets constitutes wiretapping. Sniffing open, unencrypted Wi-Fi is hardly rocket science these days; even the truly clueless can master automated tools like Firesheep and FaceNiff. Whether you leave your wireless network open and unencrypted, or sometimes use such a wireless network at a coffee shop, we should all be paying attention to this to find out if we could be sued for wiretapping.
Google had first claimed it didn't realize it was wardriving, sniffing and snarfing up data on unsecured Wi-Fi networks in about a dozen countries. Then it claimed the Street View car debacle was a mistake and apologized. Now Google claims the lawsuit is "without merit" as it argued that open Wi-Fi networks were like "radio communications." Since the judge is not letting Google wiggle off the wiretapping hook that easily, now the company is considering appealing and is "still evaluating our options at this preliminary stage." I wonder if we'll see Street View cars rollin' or if there are too many people hatin' now?
Perhaps the analogy is that you have a rural mail box on the roadside and you left the door the open which allows someone with the latest technology to read and copy your mail without opening the envelopes.
They still have that in the UK - don’t forget to pay your telly-tax.....
I think the obvious conclusion is that none of our analogies are all that applicable. :)
Sometimes new technologies just don’t fit very well into existing boxes.
...and that's the problem. The government wants to grab all the control and revenue they can, and some suck-up corporations are glad to market the grey areas to whoever will pay them for it, be it unsecured private WiFi or valid lists of email addresses.
I certainly don't like the way the Obama FCC is trying to grab power over the Internet.
And while you are there, see if your connection is one of them. If it is, get out your manual and admin your wireless router-switch to turn on your security!
If it is, I'm in deep doo-doo. And so is the Website that broadcasts 'them' (multiple Fire and Police Depts in the USA to choose from) over their "Online Scanner".
I'm listening to the Chicago Police Dept right now and do every day. But interesting enough for about decade I couldn't find ANY websites that would do it. One day they were there, then wham -- all web broadcasts gone. So 'something' must have changed to make it 'legal' now.
I grew up listening to the CPD Radio Calls. First with a Vacuum Tubed Shortwave Radio back in the 50's. Then with a portable AM-FM-UHF-VHF Channel transistor radio in the late 60's and 7O's. With that I'd have to find the exact frequency for our Chi Police District, the 9th District, and that took 'patience' to find.
Someone without a Midwestern sense of property might think it was a standing invitation.<<
Two reasons to wardrive...to look at someone elses stuff or use their bandwidth. Neither of which someone is invited to do affirmatively. Do you have the right to take something just because it’s there? If you asked them...the property owners would they say yes?
Trick question I guess. It is the difference between private property and pirate property...arrrrg!
DK
I would look at this as a expectation of privacy
If I expect it to be private than anyone snooping is wrong
Just because the lady down the street left a gap in her bedroom shades dose not make it legal for you to go peeking through her window
... you flip open your laptop and begin surfing the internet's best, most awesome website, Freerepublic.com, ...
Ahh - but the difference is that Google is purposefully acquiring and selling the data it is recovering in its wardriving. It's not considered illegal for you to listen in on on unencrypted radio - it is illegal for you to take any action, including rebroadcasting or direct profit from knowledge thus gained. That is where Google fails, IMHO.
It’s a perfect analogy. I like it.
But it is nearly impossible to tell from a newspaper account of the ruling.
Clearly, if someone decrypts a wifi broadcast, or otherwise deliberately frustrates the owner's attempt to secure the connection, that's dodgy as hell and should be prosecuted. But the judge rather pointedly says sniffing an open connection can also constitute an act of wiretapping.
And here is another instance where a lawyer is using his faulty knowledge of science and engineering to craft policy, rules, and regulations. Pretty sure that the Supreme Court and FCC have already ruled that receiving Over-The-Air broadcasts are legal, absent any other use by the receiver. Used to be that any bar or pub had their own OTA antennae and TVs without any additional payment to the local stations, but when caught snagging the early unencrypted cable signals got fined pretty heavily in addition to having to pay back the cable companies.
My sister has a wirless router on her computer. There’s a kid in the neighborhood who will come late at night-early morning and sit out on the porch and will use her router connection to use his blackberry internet or whatever it is. Is this the same thing? We don’t like it, because we don’t know what he’s viewing (it could be child porn for all we know) Is there something on the router to stop that?
Password protect it as far as access. If he’s downloading pirated music or videos, or worse such as child pornography, they’ll come for you first.
Why hasn't she enabled her security settings? And her porch isn't public property.
She’s not very literate when it comes to internet connections, and admittedly, neither am I. Here son may be able to do it. Thanks guys.
Yes. Point a browser at the router's configuration page. See your computer's network details for the location. Your router is at the gateway IP. Just about all routers are configured through web pages. The only exception I've seen the Apple Airport, which uses a dedicated app installed on your computer.
You'll probably need a userId and password to get into the configuration page. If you've already set one, you probably wouldn't be asking this question, so look at the manual for the factory default values (e.g., blank userid and password admin). If you've lost the manual, you can probably download it from the manufacturer's website.
Somewhere in the settings pages there should be something called WPA-Personal (older routers may have only WEP, which is not secure, but good enough to lock out the kid unless he's a real hacker). When you set WPA-Personal, you will be asked to enter a pass phrase up to 63 characters long (known as a pre-shared key).
Enter something you can easily retype but the kid will never guess. You will need to enter the same pass phrase on each computer or tablet or smartphone you want to authorize to use your wireless.
If you are really paranoid, there are other things you can do in addition. For instance, most routers will allow you to create a list of MAC addresses of authorized computers. And most will also allow you to cease publishing the name of your network (the SSID), so that hackers who don't know it exists will not notice it unless they are using special software. However, I find WPA security sufficient, and the extra inconvenience of MAC lists, etc, to be not worth the trouble.
BTW, if your router has no, or only the default, userid and password for its configuration page, you should set your own. The reason is extra insurance. If you accidentally download malware, one of the many nasty things it may do is look for your router and try to access it using the manufacturer's factory default credentials.
Assuming we’re talking about packet sniffing, we’re talking about different levels of use. Using somebody else’s open network, is like using a telephone or electrical outlet they put on the sidewalk. I believe the “sniffing” they are talking about is that Google captures the IP packets and reads them, much like somebody adding their own extension to you telephone at the pole and listening and recording who you communicate with.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.