Law Scholars Say WaveLAN Hacking Is Legal, In Germany

← Back to Stories (view on slashdot.org)

Law Scholars Say WaveLAN Hacking Is Legal, In Germany

Posted by timothy on Monday April 8, 2002 @01:59AM from the aber-irgendwo-anders dept.

An Anonymous Coward writes: "Seems in Germany sniffing other peoples WaveLAN is no criminal offense. At least the authors of this Article from the German magazine 'Datenschutz und Datensicherheit' claim that even intercepting and decrypting WEP-encrypted traffic is perfectly legal. Wow." (The PDF file is in English.)

29 comments

Min score:

Reason:

Sort:

Wow. by booch · 2002-04-08 02:43 · Score: 2

Wow, lawyers actually came out and had an opinion on something without being paid to have that opinion? I've never heard of a lawyer saying something was legal or not -- they prefer to deal in the gray areas, so they can help you get away with anything.

--
Software sucks. Open Source sucks less.
Thank god. by Snowfox · 2002-04-08 04:43 · Score: 1

Trying to achieve data security through legislation instead of responsible technology use is just stupid. This approach makes perfect sense.
I hope that other countries follow suit.
Datenschutz und Datensicherheit by Anonymous Coward · 2002-04-08 05:47 · Score: 0

Is that "Chips and Dips" in German? :)
1. Re:Datenschutz und Datensicherheit by uradu · 2002-04-08 06:11 · Score: 2
  
  > Is that "Chips and Dips" in German?
  
  No, it's "dataprotection" and "datasecurity". Once you grasp (say, in the second or third class of German 101) that those apparently endlessly long German words are actually compound nouns composed of multiple simpler nouns--rather than atomic words that you can look up in a dictionary--their apparent length ceases to be all that amusing.
2. Re:Datenschutz und Datensicherheit by GigsVT · 2002-04-08 08:45 · Score: 2
  
  German is doubleplusgood!
  
  --
  I've had enough abrasive sigs. Kittens are cute and fuzzy.
3. Re:Datenschutz und Datensicherheit by Anonymous Coward · 2002-04-08 10:47 · Score: 0
  
  Datenschutzbeauftragter der Landesmedienanstalten would then be a DataProtectionOrderedTo of the StateMediaAgencies... No... mein Kamerad, I can not concur. There's nothing redeeming to be said about concatenating nouns to build artificial constructs. Words like Datenschutzbeauftragter just reveal the basic inclination of the German to revel in self-importance all according to the widely known fact that the longer the word for a certain person or office the more important it or they are.
4. Re:Datenschutz und Datensicherheit by nefertari · 2002-04-09 01:31 · Score: 1
  
  Datenschutzbeauftragter der Landesmedienanstalten would then be a DataProtectionOrderedTo of the StateMediaAgencies...
  You are more or less right. A Datenschutzbeauftragter is somebody who has to take care of the privacy of the informations his organization has collected.
  BTW, I am german, but I don't think that a longer word means that someone is more important. For example at the Bundeswehr (the german military) there are ranks called Unteroffizier, that is less than an Offizier since Unter means sub, so the longer name has the lower rank.
  
  --
  use Bielefeld.pm
5. Re:Datenschutz und Datensicherheit by Anonymous Coward · 2002-04-09 07:35 · Score: 0
  
  English speakers should be used to long strings of run -together words by now...
  
  www.mywebsitehasabigassdomainname.com
presedence in US court. by j-turkey · 2002-04-08 06:04 · Score: 2, Interesting

Its too bad that this won't affect any of our (bad) US legislation.

Hell, we still can't use radar retectors in some states (to listen in on somewhat public frequencies that are used to surveile us).

Even without encryption, I'll bet that just about any US court would rule it illegal to sniff 802.11a/b/d packets.

If you add breaking WEP, it becomes a DMCA issue...again, US courts would be even more likely rule it illegal.

Are there any other capitalist countries out there that are just a little smarter than mine?

-Turkey

--

-Turkey
1. Re:presedence in US court. by uradu · 2002-04-08 06:14 · Score: 2
  
  > Hell, we still can't use radar retectors in some states
  
  Hold your horses, cowboy. Just because you (might!) be allowed to intercept WEP traffic doesn't mean you can use radar detectors in Germany. In fact, you can't! You'll get a good spanking for that--in most of Europe, AAMOF.
2. Re:presedence in US court. by Negadecimal · 2002-04-08 09:52 · Score: 2
  
  doesn't mean you can use radar detectors in Germany. In fact, you can't!
  
  When did that happen? When I left Germany six years ago, there were still automated photoradar systems all over the place... you'd see a bright blue flash, and get a bill in the mail shortly thereafter. No fuss, no muss.
3. Re:presedence in US court. by j-turkey · 2002-04-08 09:56 · Score: 1
  
  Yeah -- I forgot that doesn't apply to the rest of the world. I stand corrected.
  
  But then again (to go way off topic) police in Germany don't issue speeding tickets (using radio surveillance) fot the sole purpose of revenue enhancement either.
  
  In any case, outside of my slightly OT Radar rant, it doesn't change the fact that no US court would ever let that fly -- I think its indicitave of how much more progressive europe is in some aspects.
  
  BTW, what does AAMOF stand for?
  
  -Turkey
  
  --
  
  -Turkey
4. Re:presedence in US court. by Anonymous Coward · 2002-04-08 10:50 · Score: 0
  
  Actually they switched to red flashes a couple of years back.
5. Re:presedence in US court. by Anonymous Coward · 2002-04-08 10:53 · Score: 0
  
  "But then again (to go way off topic) police in Germany don't issue speeding tickets (using radio surveillance) fot the sole purpose of revenue enhancement either."
  
  Oh but they do, they even cheat by tampering with the radar device setup to achieve higher fines!
6. Re:presedence in US court. by doooras · 2002-04-08 14:01 · Score: 2
  
  >we still can't use radar retectors in some states (to listen in on somewhat public frequencies that are used to surveile us).
  
  What frequencies can you listen in on using a devices that beeps at you while your ass is going 90 MPH through a school zone?
  
  do you mean scanner?
7. Re:presedence in US court. by uradu · 2002-04-08 17:17 · Score: 2
  
  > BTW, what does AAMOF stand for
  
  I made it stand for As A Matter Of Fact :-}
8. Re:presedence in US court. by uradu · 2002-04-08 17:20 · Score: 2
  
  > When I left Germany six years ago, there were still automated photoradar systems
  
  I believe the original poster meant radar detectors as in "detectors of radar", those little black boxes on your dash that beep when they detect radar frequencies.
9. Re:presedence in US court. by j-turkey · 2002-04-09 01:20 · Score: 1
  
  What frequencies can one listen in on? That's exactly what a radar detector does -- it listens in on frequencies, just like a radio (it is a radio). When it picks up the specific frequency (or range therein), rather than play the frequency through a speaker, it signals the operator with a beep.
  
  Its pretty simple actually.
  
  As far as going 90 MPH in a school zone -- I don't know how you drive, but I use radar detectors -- and I don't do 90 in school zones. I just won't pay tickets based on counties trying to boost revenue by entrapping unsuspecting drivers and issuing speeding tickets. If the police are watching you using electronic equipment (especially for a scam like this) don't you want to know?
  
  Scanners are legal in all 50 states -- and I'm not talking about those.
  
  -Turkey
  
  --
  
  -Turkey
10. Re:presedence in US court. by Caradoc · 2002-04-11 01:29 · Score: 1
  
  Not exactly. The use of a mobile scanner is limited to amateur and professional radio operators in some areas of the U.S., because the legislators in those areas fear that criminals could use them to snoop on police frequencies during the commission of the crime. Regular desktop radio scanners, I'm not sure.
  
  Big hint to any legislators that might read this (yeah, right!): if they're planning on robbing a bank, and they want to listen to the police frequencies while they do it, the fact that it's illegal in that locale is not going to stop them, or even intimidate them.
  
  --
  Specialization is for insects. - R.A.H.
This boggles my mind by DiSKiLLeR · 2002-04-08 20:21 · Score: 1

Of course its legal, it SHOULD be legal!

It boggles my mind how it could be made illegal. You broadcast data for the world to see, and you can make it illegal to view it? wtf?!

Makes no sense to me..

Laws get worse and worse each day...

--
You can tell how powerful someone is by the magnitude of the crime they can commit and be able to get away with.
Makes sense to me... by Anonymous Coward · 2002-04-09 00:31 · Score: 0

Seems in Germany sniffing other peoples WaveLAN is no criminal offense.

If you're intentionally radiating your devices waves onto someone else's property, it makes sense that they can receive and interpret that radiation. But what if you're unintentionally radiating waves onto someone else's property? It seems clearly wrong for someone to "listen in" on the radiation coming from my computer monitor, for instance...
OT: nitpick on sig :o) by kiwaiti · 2002-04-09 18:53 · Score: 1

Nach welcher Rechtschreibreform heißt es denn wieder "seelig" statt "selig"? Orig. M. Luther? :o)
Kiwaiti

--
Member of the Legion Of Microsoft Haters
1. Re:OT: nitpick on sig :o) by nefertari · 2002-04-09 19:17 · Score: 1
  
  Keine Ahnung, ich habe es immer so geschrieben. Muss ich wohl aendern. Danke! Judith
  
  --
  use Bielefeld.pm
No they don't by osolemirnix · 2002-04-12 02:31 · Score: 2

Sigh. Did the submitter even bother to read the whole PDF?

...claim that even intercepting and decrypting WEP-encrypted traffic is perfectly legal...

No they don't claim that. As stated in section 5.4 of the PDF, german law says that if you break "special safety measures against unauthorized access" you are certainly violating the law. Now wether WEP encryption is strong enough to be considered a valid safety measure in terms of this law is yet to be determined in a court case.

But that is not what the PDF is mainly about anyway. As it goes on in the following sections, it just claims that merely intercepting the WEP-encrypted data is definitely not a crime, at least as long as you're not decrypting it. So, simply sniffing/netstumling is legal. Decrypting WEP-encrypted data and further meddling in a thus cracked WLAN is most likely illegal (has yet to be determined by a german court).
Sniffing unencrypted (WEP disabled) WLAN is not illegal, since there is no "special safety measure to prevent unauthorized access" as stated in the law.

Still an interesting read, but not nearly as mindboggling as suggested in the /. story.

--

Idempotent operation: Like MS software, wether you run it once or often, that doesn't make it any better.