Slashdot Mirror

← Back to Stories (view on slashdot.org)

War Driving To Be Protected In NH

Posted by CmdrTaco on from the baby-steps-in-the-right-direction dept.

AllMightyPaul writes "A big article on Wired.com talks about the new House Bill 495 that would legalize the innocent stumbling upon open wireless networks. Basically, it put the burden of securing a wireless network on the owner of the network and allows people to connect to open networks that they believe are supposed to be open. This is excellent news as I'm sure we've all tried to connect to one wireless network and ended up accidentally connecting to another one. Being from NH, now I can finally drive through Manchester and connect anywhere I want with little worry, but not until after January 2004, and that's if the bill passes the Senate."

29 of 378 comments (clear)

  1. New Hampshire by Enzondio · · Score: 4, Funny

    This is what we should expect from New Hampshire

    Live free or die!

  2. Legalize it? by xchino · · Score: 5, Insightful

    So was it previously illegal? AKAIK, there are no laws against war driving, so while they may have protected this right, they didn't legalize it. Definately a step in the right direction, though.. it's so infrequent that we see lawmakers making laws to PROTECT our freedoms rather than remove them.

    --
    Everyone is entitled to their own opinion. It's just that yours is stupid.
    1. Re:Legalize it? by sharekk · · Score: 4, Informative

      From the article: "Like most state and federal computer crime laws, New Hampshire's existing statute says it is a crime to knowingly access any computer network without authorization"

      Basically before if you were driving past a starbucks and picked up their connection you could be doing something illegal. I expect it's still illegal to crack WEP (easy as it may be) but using random open wireless is Ok.

    2. Re:Legalize it? by mcworksbio · · Score: 5, Insightful

      infrequent that we see lawmakers making laws to PROTECT our freedoms rather than remove them

      IMHO this is not a good thing. One of the problems Americans face today is the presence of so many laws reducing explicit or implied freedoms, as you noted. Yet explicitly stating in statute tangible freedoms contradicts the Constitutional notion of preexisting rights fundamental to the human condition. The goal of the Constitution is to recognize freedom, protect it, and limit rights only to the extent necessary to support the common good.

      At first blush you are right, its about time we had freedoms recognized by politicians. But I would much rather see them tear down thousands of bad laws and restrictions, and get a couple of really good, common sense ones in there, and enforce them. I don't want to start to have my freedoms enumerated by a Congress, Court, or Executive.

      P.S. This is all without respect to political affiliation. Wireless, RIAA, M$ monopolies, Guns, Abortion, Environment...all these issues may have different sides, and all need applicable laws, but I am just saying that the laws should not state a freedom and protect it, only restrict abuses contrary to the will of the Constitution, the people, and the common good.

    3. Re:Legalize it? by djembe2k · · Score: 5, Interesting
      I respect your idealized libertarian (quasi-anarchist?) streak here, but it is unrealistic.

      Some background, for those who need it. The first amendment (to take a well-known example) doesn't say "You get the freedom of speech." It says "Congress shall make no law abidging the freedom of speech." In other words, the freedom in question is assumed to pre-exist the Constitution, and the Constitution is just explicitly recognizing it, and declaring it as a limit on governmental power.

      But there's a contradiction built in, because the Bill of Rights still enumerates particular rights, and for a couple of centuries courts have been understandably less willing to protect rights that aren't explicitly enumerated (privacy and substantive due process and the backlash against it being the exception that proves the rule) than those that are.

      Yes, enumerating freedoms can have the effect of implying that we are not free to do anything except what is enumerated. But that's a built-in side effect of the way the Bill of Rights is written. It's even worse since the courts rules that the 14th Amendment "incorporates" much of the Bill of Rights applies to the states. Before the 14th Amendment, it wasn't clear that expressions like "Congress shall make no law" applied to state and local legislative bodies. The Supreme Court used the 14th Amendment to rule that many of the *enumerated* rights in the Bill of Rights now could be enforced as restrictions on state and local legislatures as well. But this explicitly applies only to things enumerated, and even then only the ones the courts have picked and chosen.

      In other words, when you (the previous poster) say "I don't want to start to have my freedoms enumerated by a Congress, Court, or Executive.", I'm saying it is already way, way, way too late. Maybe if that attitude was in place in the 1780's we could have a system that works that way. Of course, with that attitude, we'd still have the Articles of Confederation (which might not be such a bad thing from a small-weak-government-is-good point of view). But we don't.

      Additionally (and then I'll shut up), legislative acts creating or recognizing rights are often absolutely essential to turn the abstract principles listed in the Constitution into specific and applicable rules and regulations with enforcement mechanisms. Parts of the post-Civil War amendments were widely disregarded until Congress passed the Voting Rights Act almost 100 years later. Now there were clear rules explaining what did and didn't constitute disenfranchising somebody, and a way to enforce it. If you were a black citizen in Mississippi, it was the Voting Rights Act and not the 15th Amendment that actually made it possible for you to relatively safely get to the voting booth, cast a ballot, and be confident that it was counted.

      OK, I've gone off topic, but I'll bring it home. Explicitly listing this freedom is a Good Thing. The freedom to use open wireless networks could be seen as competing with the freedom to use your own wireless network without sharing resources with intruders. We need explicit guidance on how to balance these things, and how to enforce the balance we come up with. That's what legislatures are supposed to do with the system we've got, as opposed to the one we might wish we had. That's what they are doing here.

    4. Re:Legalize it? by bjschrock · · Score: 5, Informative

      I just wish everyone would pay more attention to the last two amendments in the Bill of Rights:

      Amendment IX

      The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.

      Amendment X

      The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.

  3. Wait a second... by b0r1s · · Score: 5, Insightful

    There are still real moral issues here with whether or not it's actually RIGHT to connect to other people's networks. Just because the networks are not completely secure, you're still not justified in connecting to them, specifically if your reason to connect is to abuse them.

    The law has decent motivation, but it's basically saying "Go ahead and break into wireless networks, because if they're not completely secure, it's not your fault." What happens when people start snooping the traffic, stealing corporate secrets, and then claim that the wireless network wasn't secure, so they can't be responsible?

    --
    Mooniacs for iOS and Android
    1. Re:Wait a second... by bluprint · · Score: 5, Insightful

      I think the point is that the burden of deciding wether a person/company intended for a network to be open shouldn't be placed on the individual, but rather, on the person who set up the network.

      --
      A modern day witchhunt.
    2. Re:Wait a second... by b0r1s · · Score: 5, Informative
      Here's the text:

      1Computer Related Offenses; Network Security. Amend RSA 638:17, I to read as follows:

      I.
      • (a) A person is guilty of the computer crime of unauthorized access to a computer or computer network when, knowing that the person is not authorized to do so, he or she knowingly accesses or causes to be accessed any computer or computer network without authorization. It shall be an affirmative defense to a prosecution for unauthorized access to a computer or computer network that:

        • (1) The person reasonably believed that the owner of the computer or computer network, or a person empowered to license access thereto, had authorized him or her to access; or

        • (2) The person reasonably believed that the owner of the computer or computer network, or a person empowered to license access thereto, would have authorized the person to access without payment of any consideration; or

        • (3) The person reasonably could not have known that his or her access was unauthorized.


      • (b) The owner of a wireless computer network shall be responsible for securing such computer network. It shall be an affirmative defense to a prosecution for unauthorized access to a wireless computer network if the unauthorized access complies with the conditions set forth in subparagraph I(a)(1)-(3).



      So, the way I read it is: the owner is responsible for securing the network, but its legal IF and ONLY IF you were legally granted access, would have been granted access if asked, or had no way of knowing whether or not you were allowed to use the network.

      This doesn't protect wardriving at all: if you're knowingly going around looking for unsecured wireless access points, you've already failed 1 & 2. The only issue up for debate is 3: would you have known that you were not authorized? I'm sure once this hits court, the party with the better lawyer is going to win.
      --
      Mooniacs for iOS and Android
  4. Wow by Snowspinner · · Score: 4, Funny

    The government passing reasonable digital rights legislation?

    Come on, April Fool's was almost a month ago now.

    --
    Philip Sandifer's academic website
  5. In these uncertain times... by fobbman · · Score: 4, Funny

    ...it seems like you can apparently get most anything passed if you attach the word "War" to it. Even the theft of bandwidth.

  6. That's a good law, but.... by b.foster · · Score: 4, Interesting
    How many people have actually been prosecuted for using an open wireless network without authorization?

    And how many of those people (if any) were malicious hackers?

    Why don't our legislators spend their time protecting innocent people (Skylarov, Felten, Serebryany, etc.) from laws like the DMCA that have been abused, instead of saying "hey, it's legal to wardrive, which nobody has ever been maliciously prosecuted for"?

  7. Re:Its excellent news..... by Ravenscall · · Score: 4, Insightful

    Well, as the article says, if they want to use a wireless network, the burden falls apon them, nit the state to make sure that network is secure.

    Frankly, I feel that this is a good approach to hacking in general. Why should buisineses, who often lobby to pay the state less in tax revenue and whatnot, still expect the state to prosecute people who break into thier networks because they were too lazy to apply a patch?

    Now, as a caveat to this, I feel that if the company can show that they took all reasonable precautions to secure thier network, then the state should go ahead with prosecution. This way a company that is 'following the rules' is not unduly punished, but the company that is too lazy or too cheap to implement good security is, and cannot fall back on fear of the state to be thier security apparatus.

    --
    You say you want a revolution....
  8. You mean... by Faust7 · · Score: 4, Funny

    "That was your network I had Kazaa, WinMX, and Grokster running full-steam 24/7 on? I had no idea, honest. Hey, OW."

    --
    The coolest voice ever.
  9. Isn't this explicitly mentioned on the equipment? by eGabriel · · Score: 4, Interesting

    I don't recall the wording, but doesn't most of this equipment carry a message from the FCC that says that the device must accept any interference from other devices?

    Maybe it's a bit backward, but I think that can justify your having picked up the signal; you were just accepting interference...

  10. Re:Where is NH? by blixel · · Score: 4, Insightful

    Where in the world is this place?

    New Hampshire is bordered by Canada on the north and by Massachusetts on the south. On the east, New Hampshire is bordered by the Atlantic Ocean and Maine and on the west, New Hamsphire is bordered by Vermont.

    And for all you Wardrivers... it's
    Longitude: 70 37'W to 72 37'W
    Latitude: 42 40'N to 45 18'N

  11. Won't this just encourage more SPAM? by ewanrg · · Score: 4, Insightful
    I'm all for having reasonable laws for reasonable people. And this one seems to have it's heart in the right place.

    However, if you have the ability to use someone's network "accidentally" how do you distinguish someone who is using a lot of bandwidth for an innocuous reason from someone using a little bandwidth for a protective screen? I seem to recall reading an article about SPAMmers using open links to anonymously go through SMTP sites to further propogate their "stuff"...

    And if the company is running Windows and has shared network resources, where does my 100 page accidental printing land on the scale of things?

    I agree that you don't want to arrest someone for browsing through "linkedsys" when they meant "linksys" (or picking up the wrong "linksys" which is probably even more likely). But I'm not sure this is the answer.

    FWIW,
    Ewan

  12. Re:Its excellent news..... by Surak · · Score: 4, Insightful

    Waitaminute. What you're saying -- in essence -- is that you think it should be *legal* for people to enter your house without your permission if you're too stupid/lazy to keep your door unlocked. I'm sorry, I have to disagree with you. Unlawful entry is unlawful entry, and unlawful hacking is unlawful hacking.

    That being said, I think it's completely different with wireless networks precisely because you don't even know what network you're picking up -- and you can pick up the network completely by accident. This is in effect similar to the case where an non-scrambled phone conversation is picked up via a scanner accidentally...perfectly legal to listen in, at least in most states.

    --
    My journal has hot /. gossip.
  13. Re:Its excellent news..... by Anonymous Coward · · Score: 5, Insightful

    Well, I don't know about you, but here in NC if I drive through a nearby office park with Kismet there's a spot with EIGHT IDENTICAL members of the "linksys public access network" if you know what I mean (LinkSys products with default unprotected configs).

    If I were to hypothetically sniff some of these packets, I might hypothetically discover that they are going to different ISPs, which makes me hypothetically believe that most if not all of these belong to different companies.

    So imagine you are an employee of one of these companies and the boss tells you "hook up to the linksys" ... you might just be committing a crime and theft of service if you pick the wrong one.

    This law puts the burden on the hardware owner to make the fucking tiniest effort (I'm not talking IPsec or even turning on WEP .. how about just renaming your access point to "PRIVATE ACCESS" or something that takes half a brain cell)....

    This is GOOD, not BAD.

    The signal is physically going through my body and if it doesn't say "Don't Use Me", then by fuck, I'm going to use it! I figure that's in exchange for the 0.00001% increased cancer risk. :-)

    I debated going into these businesses and telling them that I'm a computer security professional and would be happy to give them some free consulting but then I decided at least one of them would get panicky and have me arrested. "But .. how do you KNOW we have a wireless network ... from OUTSIDE??? You must be a TERRORIST!"

    No good deed goes unpunished you know.

  14. I love my NH by Tevye · · Score: 4, Insightful

    A others have mentioned, NH is a nice place to live. No state income tax, no sales tax.. It is a nice place to be.

    I'm seeing a lot of "the idea is good but...", but I do think it's a good idea. I read the analogy of walking into someone's house if it's unlocked and taking their food, etc, but I don't think that's the right analogy.

    A better one, (which also applies in NH) is that if you're hunting in the woods, you can't be prosecuted for trespassing unless it posted "No Trespassing" or the owner comes along and tells you to leave. This keeps people who are in the woods and might not have a convenient parcel map from the town from being prosecuted because they wandered into an adjacent lot. Do note that this is not the same as walking into land that is expected to be private, i.e. a house or an office building (during non-business hours).

    Just my input.
    Live Free Or Die.

    --
    We're on a mission from God.
  15. Re:Who brought out the clue-by-four? by delcielo · · Score: 4, Interesting

    Okay, I'll bite.

    If you're talking about this law protecting the innocent person who accidentally connects to a different network than they intended, I'd agree.

    If you're talking about somebody who is intentionally wardriving looking for networks that he/she can get into and explore for juicy stuff, then I'll disagree.

    Certainly, the admins of such networks have acted irresponsibly (assuming it wasn't some incredible new hack that broke into a secured network); but that doesn't mean the wardriver has no culpability in this situation.

    This is one of those areas where the law can't cover everything. It's wrong to walk into an open house and take things when you know the owners didn't want you in there. Whether or not the door was open, and whether or not there was a welcome mat on the porch, you damned well know you shouldn't walk into a stranger's house and take their things.

    And when you did, it wouldn't be the owner's fault that you're a worthless amoral turd. It would still be yours; whether or not they were stupid.

    --
    Hot Damn! It's the Soggy Bottom Boys!
  16. DHCP expresses permission by yack0 · · Score: 5, Insightful

    I'll summarize it again as I have in other forums.

    - My laptop sees a signal and requests access to the network by asking for a DHCP address.
    - Access point sees my request and GRANTS me a lease on an IP address with which I can access their network
    - I surf using the network
    - I leave.

    I asked, they said YES. They could have easily denied me, but they invited me into the network when I asked if I could. There are SO MANY different ways to keep people out, that owners of AP's just have to do something to secure themselves. Shame on them if they fail to do that.

    --
    -- There is no sig line, only Zuul.
  17. Only applies to really open networks by iabervon · · Score: 4, Insightful

    It seems to me that this change essentially says that any network which isn't secured in any way is to be considered a public network; that is, if you find a network not using WEP or anything, you should assume that it was intentionally left open as a public resource (like people have started doing). I doubt that the defense provided for this behavior would apply to a network using even a small WEP key, though. Even if you sniff the key, it seems unlikely that you could then claim that the network's owner meant you to have the key. So, while people do have to secure their networks, they don't have to secure them particularly effectively; just well enough to block your defense.

    What this law means is that, if you don't want people to use your wireless network, you have to use some sort of technological measure to let them know to stay out. This makes a lot of sense, because there's no way to find out that someone does want you to use their network.

  18. The moral bankruptcy of Slashdot readers by Cereal+Box · · Score: 4, Insightful

    It seems that with every article posted on Slashdot I get a better picture of the lack of morals possessed by the average Slashdot reader.

    They see no harm in taking goods and services that they did not pay for and are therefore not entitled to.

    Now they see no problem with hijacking bandwidth someone else paid good money for simply because it's available over the airwaves and unsecured? Tell you what: let me know where you live so I can help myself to your water, electricity, and internet access if your door happens to be unlocked. It's not my fault if I sneak in, you were too stupid to secure your house!

    Also, I don't really buy the whole "this is good, now we'll see some better security" argument. Right. You're telling me you'd like nothing better than to see ALL wireless networks secured so you can't go joyriding and stealing bandwidth? Right. A Slashdotter who doesn't want to get a free ride. Next thing you know you guys will be telling me that you'd be in favor of a foolproof scheme that protects your fair use rights for music and movies but prevents you from sharing with millions of random people.

    This is really sad when you think about it. The prevailing morality among young people seems to be "screw everyone else, if it's not bolted down I'm taking it!" There used to be a time in this country when you could leave your doors unlocked because people were decent enough to respect each other's property. Not anymore, I guess.

    1. Re:The moral bankruptcy of Slashdot readers by Cereal+Box · · Score: 4, Insightful

      The point is, if this were a wired network none of you would be arguing that getting on the network "somehow" would be morally wrong. Turn that network from wired to wireless and now it's perfectly okay to get on the network? Now I agree that there shouldn't be any repercussions for accidentally stumbling onto someone's network but if you find someone's network and THEN start using their bandwidth as if you were entitled to it all along is wrong, now isn't it?

      If you accidentally get on someone's network, fine -- disconnect and try again ... maybe you did something wrong. It's just like if I were to accidentally walk into the apartment next to mine... as soon as I realized the mistake I'd apologize and back away. I wouldn't just take the unlocked door and my perception that this is MY apartment to be an invitation to help myself to the neighbor's internet access.

  19. Re:Its excellent news..... by gurps_npc · · Score: 4, Insightful
    Yes stealing is stealing, but this is NOT stealing. First of all a lot of public minded group/people are offering free use of their net. They signify this by leaving their net open, and use the standard Linksys as the ID.

    In your example, would you think the person that takes your car is guilty if the city you lived in routinely leaves cars with the keys in the door as a public service, allowing anyone to use them.

    The truth is, that your example is not even accurate. A better example would be if cars come with an optional LOCK. They give strict instructions that if you do not want everybody in the world to use your car, you should install a Lock. If asked, they say they build them without locks so that you can get your own lock, not one that they can open, and to allow pbulic oragnizations to make them available for general use without a Lock

    If you get a car without a LOCK, then it is YOUR fault if someone takes your car, and the person that took it has the RIGHT to claim they thought it was a one of the cars made available to the general public for free.

    --
    excitingthingstodo.blogspot.com
  20. Re:Who brought out the clue-by-four? by gurps_npc · · Score: 4, Insightful
    BUT YOUR ANALAGY IS TOTALLY WRONG.

    This law does NOT make it legal to take things at all, let alone things that you know the owner did not want you to take.

    All the law does is make it LEGAL to enter the house if you leave it open. Which makes a LOT of sense considering that a lot of people are intionally leaving their doors open so that if you want to get out of the rain, you can enter their house. (Analogy - public groups are offering free services).

    The law does not allow you to steal data, it just lets you wardrive. war drive is using their network to access the internet. If you use their network to access the private, secret data of the company, that is theft, and you can still be prosecuted.

    Admittedly, the law does make it harder to prosecute you, as you have to be caught with the goods, but that is fair. After all it SHOULD be harder to prosecute a theif when the MORON of an owner takes ZERO effort to protect their property.

    --
    excitingthingstodo.blogspot.com
  21. Bad analogy! by WPIDalamar · · Score: 4, Insightful

    The whold leaving your doors unlocked & open and then people walking into your house is a bad analogy. A better one would be:

    You leave your T.V. pressed up against your window, and then people walking down the street watch it.

    Or...

    You put a speakerphone in the middle of the street, and then yell out your window whenever you make a call... and then people can listen to your conversation, and even add some comments in.

  22. Bad Analogies by esampson · · Score: 4, Insightful

    Lots of people are comparing this to making it legal for someone to come into an unlocked house and eat the food.

    That's a bad analogy. Why? Because there is a widely growing movement of setting up open networks that anyone can connect to. There's no widespread movement to leave homes unlocked and free food in the kitchen.

    This bill doesn't give people the right to break WEP encryption or spoof MAC filtering. They probably couldn't even use it for defense if the SSID had the word 'Private' or something similar in it. The bill simply recognizes the growth of free connections and tells people that if they don't want to be mistaken for a free connection then it's their responsibility to do something about it.