Slashdot Mirror

← Back to Stories (view on slashdot.org)

War Driving To Be Protected In NH

Posted by CmdrTaco on from the baby-steps-in-the-right-direction dept.

AllMightyPaul writes "A big article on Wired.com talks about the new House Bill 495 that would legalize the innocent stumbling upon open wireless networks. Basically, it put the burden of securing a wireless network on the owner of the network and allows people to connect to open networks that they believe are supposed to be open. This is excellent news as I'm sure we've all tried to connect to one wireless network and ended up accidentally connecting to another one. Being from NH, now I can finally drive through Manchester and connect anywhere I want with little worry, but not until after January 2004, and that's if the bill passes the Senate."

9 of 378 comments (clear)

  1. Legalize it? by xchino · · Score: 5, Insightful

    So was it previously illegal? AKAIK, there are no laws against war driving, so while they may have protected this right, they didn't legalize it. Definately a step in the right direction, though.. it's so infrequent that we see lawmakers making laws to PROTECT our freedoms rather than remove them.

    --
    Everyone is entitled to their own opinion. It's just that yours is stupid.
    1. Re:Legalize it? by mcworksbio · · Score: 5, Insightful

      infrequent that we see lawmakers making laws to PROTECT our freedoms rather than remove them

      IMHO this is not a good thing. One of the problems Americans face today is the presence of so many laws reducing explicit or implied freedoms, as you noted. Yet explicitly stating in statute tangible freedoms contradicts the Constitutional notion of preexisting rights fundamental to the human condition. The goal of the Constitution is to recognize freedom, protect it, and limit rights only to the extent necessary to support the common good.

      At first blush you are right, its about time we had freedoms recognized by politicians. But I would much rather see them tear down thousands of bad laws and restrictions, and get a couple of really good, common sense ones in there, and enforce them. I don't want to start to have my freedoms enumerated by a Congress, Court, or Executive.

      P.S. This is all without respect to political affiliation. Wireless, RIAA, M$ monopolies, Guns, Abortion, Environment...all these issues may have different sides, and all need applicable laws, but I am just saying that the laws should not state a freedom and protect it, only restrict abuses contrary to the will of the Constitution, the people, and the common good.

    2. Re:Legalize it? by djembe2k · · Score: 5, Interesting
      I respect your idealized libertarian (quasi-anarchist?) streak here, but it is unrealistic.

      Some background, for those who need it. The first amendment (to take a well-known example) doesn't say "You get the freedom of speech." It says "Congress shall make no law abidging the freedom of speech." In other words, the freedom in question is assumed to pre-exist the Constitution, and the Constitution is just explicitly recognizing it, and declaring it as a limit on governmental power.

      But there's a contradiction built in, because the Bill of Rights still enumerates particular rights, and for a couple of centuries courts have been understandably less willing to protect rights that aren't explicitly enumerated (privacy and substantive due process and the backlash against it being the exception that proves the rule) than those that are.

      Yes, enumerating freedoms can have the effect of implying that we are not free to do anything except what is enumerated. But that's a built-in side effect of the way the Bill of Rights is written. It's even worse since the courts rules that the 14th Amendment "incorporates" much of the Bill of Rights applies to the states. Before the 14th Amendment, it wasn't clear that expressions like "Congress shall make no law" applied to state and local legislative bodies. The Supreme Court used the 14th Amendment to rule that many of the *enumerated* rights in the Bill of Rights now could be enforced as restrictions on state and local legislatures as well. But this explicitly applies only to things enumerated, and even then only the ones the courts have picked and chosen.

      In other words, when you (the previous poster) say "I don't want to start to have my freedoms enumerated by a Congress, Court, or Executive.", I'm saying it is already way, way, way too late. Maybe if that attitude was in place in the 1780's we could have a system that works that way. Of course, with that attitude, we'd still have the Articles of Confederation (which might not be such a bad thing from a small-weak-government-is-good point of view). But we don't.

      Additionally (and then I'll shut up), legislative acts creating or recognizing rights are often absolutely essential to turn the abstract principles listed in the Constitution into specific and applicable rules and regulations with enforcement mechanisms. Parts of the post-Civil War amendments were widely disregarded until Congress passed the Voting Rights Act almost 100 years later. Now there were clear rules explaining what did and didn't constitute disenfranchising somebody, and a way to enforce it. If you were a black citizen in Mississippi, it was the Voting Rights Act and not the 15th Amendment that actually made it possible for you to relatively safely get to the voting booth, cast a ballot, and be confident that it was counted.

      OK, I've gone off topic, but I'll bring it home. Explicitly listing this freedom is a Good Thing. The freedom to use open wireless networks could be seen as competing with the freedom to use your own wireless network without sharing resources with intruders. We need explicit guidance on how to balance these things, and how to enforce the balance we come up with. That's what legislatures are supposed to do with the system we've got, as opposed to the one we might wish we had. That's what they are doing here.

    3. Re:Legalize it? by bjschrock · · Score: 5, Informative

      I just wish everyone would pay more attention to the last two amendments in the Bill of Rights:

      Amendment IX

      The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.

      Amendment X

      The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.

  2. Wait a second... by b0r1s · · Score: 5, Insightful

    There are still real moral issues here with whether or not it's actually RIGHT to connect to other people's networks. Just because the networks are not completely secure, you're still not justified in connecting to them, specifically if your reason to connect is to abuse them.

    The law has decent motivation, but it's basically saying "Go ahead and break into wireless networks, because if they're not completely secure, it's not your fault." What happens when people start snooping the traffic, stealing corporate secrets, and then claim that the wireless network wasn't secure, so they can't be responsible?

    --
    Mooniacs for iOS and Android
    1. Re:Wait a second... by bluprint · · Score: 5, Insightful

      I think the point is that the burden of deciding wether a person/company intended for a network to be open shouldn't be placed on the individual, but rather, on the person who set up the network.

      --
      A modern day witchhunt.
    2. Re:Wait a second... by b0r1s · · Score: 5, Informative
      Here's the text:

      1Computer Related Offenses; Network Security. Amend RSA 638:17, I to read as follows:

      I.
      • (a) A person is guilty of the computer crime of unauthorized access to a computer or computer network when, knowing that the person is not authorized to do so, he or she knowingly accesses or causes to be accessed any computer or computer network without authorization. It shall be an affirmative defense to a prosecution for unauthorized access to a computer or computer network that:

        • (1) The person reasonably believed that the owner of the computer or computer network, or a person empowered to license access thereto, had authorized him or her to access; or

        • (2) The person reasonably believed that the owner of the computer or computer network, or a person empowered to license access thereto, would have authorized the person to access without payment of any consideration; or

        • (3) The person reasonably could not have known that his or her access was unauthorized.


      • (b) The owner of a wireless computer network shall be responsible for securing such computer network. It shall be an affirmative defense to a prosecution for unauthorized access to a wireless computer network if the unauthorized access complies with the conditions set forth in subparagraph I(a)(1)-(3).



      So, the way I read it is: the owner is responsible for securing the network, but its legal IF and ONLY IF you were legally granted access, would have been granted access if asked, or had no way of knowing whether or not you were allowed to use the network.

      This doesn't protect wardriving at all: if you're knowingly going around looking for unsecured wireless access points, you've already failed 1 & 2. The only issue up for debate is 3: would you have known that you were not authorized? I'm sure once this hits court, the party with the better lawyer is going to win.
      --
      Mooniacs for iOS and Android
  3. Re:Its excellent news..... by Anonymous Coward · · Score: 5, Insightful

    Well, I don't know about you, but here in NC if I drive through a nearby office park with Kismet there's a spot with EIGHT IDENTICAL members of the "linksys public access network" if you know what I mean (LinkSys products with default unprotected configs).

    If I were to hypothetically sniff some of these packets, I might hypothetically discover that they are going to different ISPs, which makes me hypothetically believe that most if not all of these belong to different companies.

    So imagine you are an employee of one of these companies and the boss tells you "hook up to the linksys" ... you might just be committing a crime and theft of service if you pick the wrong one.

    This law puts the burden on the hardware owner to make the fucking tiniest effort (I'm not talking IPsec or even turning on WEP .. how about just renaming your access point to "PRIVATE ACCESS" or something that takes half a brain cell)....

    This is GOOD, not BAD.

    The signal is physically going through my body and if it doesn't say "Don't Use Me", then by fuck, I'm going to use it! I figure that's in exchange for the 0.00001% increased cancer risk. :-)

    I debated going into these businesses and telling them that I'm a computer security professional and would be happy to give them some free consulting but then I decided at least one of them would get panicky and have me arrested. "But .. how do you KNOW we have a wireless network ... from OUTSIDE??? You must be a TERRORIST!"

    No good deed goes unpunished you know.

  4. DHCP expresses permission by yack0 · · Score: 5, Insightful

    I'll summarize it again as I have in other forums.

    - My laptop sees a signal and requests access to the network by asking for a DHCP address.
    - Access point sees my request and GRANTS me a lease on an IP address with which I can access their network
    - I surf using the network
    - I leave.

    I asked, they said YES. They could have easily denied me, but they invited me into the network when I asked if I could. There are SO MANY different ways to keep people out, that owners of AP's just have to do something to secure themselves. Shame on them if they fail to do that.

    --
    -- There is no sig line, only Zuul.