Slashdot Mirror
Jailtime For Leeching Wireless?
jginspace writes "A 17-year-old from Singapore is is facing three years' jailtime for accessing his neighbor's wireless network.
His neighbor complained and now the unfortunate Tan Jia Luo is facing charges under the computer misuse act and is scheduled to appear in court on Wednesday."
More details at the local HardwareZone Forum:
Teen, 17, first to be charged with unauthorised wireless Net access
By Chua Hian Hou
A 17-YEAR-OLD polytechnic student has become the first person here to be charged with piggybacking on someone else's wireless Internet connection.
Garyl Tan Jia Luo was accused yesterday of using a laptop computer to gain unauthorised access to a home wireless network on May 13 this year.
If convicted, Tan faces up to three years in jail and fines of up to $10,000 under Section 6(1)(a) of the Computer Misuse Act.
Tan was released on $6,000 bail and is scheduled to appear at the Subordinate Courts on Wednesday.
Court documents did not describe the circumstances in which Tan was arrested, but The Straits Times understands that a neighbour near his Casuarina Walk home had lodged a complaint against him.
While there are no statistics on how commonplace the practice of piggybacking unsecured home wireless networks is, networking firm Cisco System's spokesman, Mr Rayson Cheo, said it is probably quite widespread here.
Most modern notebook computers and personal digital assistants (PDAs) have the ability to sniff out unsecured networks and hop online for free with just a few clicks.
There are numerous guides online that describe how to do this and the low cost of wireless networking equipment means that most HDB or condominium blocks have unprotected networks users can log on to.
Said Mr Cheo: 'People assume, wrongly, that since it is there, it is okay to use it.'
Mr Aloysius Cheang, the chairman of local infocomm security association, the Special Interest Group in Security and Information Integrity, said: 'Most people probably do it because it is convenient, or because they are cheap and want free Internet.
'But, for some, it is because they want to do something illegal like defaming someone or downloading pirated MP3s, and they don't want the activities traced back to their own network.'
In the online world, there are even special terms for it, like 'wardriving' and 'Wi-Fi mooching'.
The problem, said lawyer Bryan Tan, is that while most people know that mooching is not quite legitimate, they probably do not know that it can be treated as a serious offence.
'Blinkered by the convenience and allure of ?free Internet', people don't realise that mooching is the virtual equivalent of trespassing,' he added.
Likewise, many users do not seem to realise that they can block moochers simply by installing a password on their Internet connections.
For most users, the only indication they get that someone is mooching is when their connection speed slows down, though Mr Cheo said software tools are available for download that can track who is using a network and what they are doing on it.
While the case is the first of its kind here, there have been at least two similar arrests and convictions in the United States.
In some countries like Holland, Mr Tan added, Wi-Fi network owners can even be held liable by the courts for crimes committed on their unprotected networks.
chuahh@sph.com.sg
Before everyone flies off the handle here, remember that this is happening in Singapore, who has much more draconian law enforcement than the US or Europe.
I'm not saying this to dump on Singapore, but rather, to hopefully mitigate even a tiny bit of the OMG BUSH PWNS CIVIL LIBERTIES knee-jerk reactions that are sure to follow.
1. Don't take any of the many simple steps I could take to lock down my network despite the fact that many devices are designed to automatically lock onto any open wireless network.
2. Rename wireless network free help yourself.
3. Insist that charges are pressed against my neighbours.
4. Buy their houses at low low prices and use the space for an indoor pool and a bowling alley.
Think of the Children; Sleep with your Sister
Isn't this the same country where chewing gum is banned and trafficking drugs is a capital offence
Is this really a surprise? This is the same country where you can be caned for simple acts of vandalism.
Putting aside the fact that running an unsecured network should also be a punishable offence in this day and age, the kid was still in the wrong. Just because you can break into a network does not give you the right to do so. The question is whether or not he did it on purpose or if it was just another stupid Windows box attaching to the nearest open wireless access point (I've lost count of the number of times I've accidentally attached to my neighbour's WAP [1] ... telling Windows not too is like pulling teeth).
I just hope the conviction isn't too harsh. A fine would be more appropriate than jail time.
[1] And yes, I have told him to fix it. Even did the neighbourly thing and secured his network for for him. The following day he removed my configuration because "he didn't like entering a password". He'll learn the hard way eventually.
Don't go to Singapore looking for an easy Wifi connection... They don't tolerate your Western Decadence there.
Rich And Stupid is not so bad as Working For Rich And Stupid.
What, is today Scary Jailtime Story Day or something of the sort?
First, this story about a guy being jailed after he received a fake check and tried to cash it was reportend on interesting-people, then this story about a guy being arrested, because he had a rubber band ball that the TSA thought contained "something metallic" or drugs (also on interesting-people today), and now this story on Slashdot.
Please correct me if I got my facts wrong.
"...now the unfortunate Tan Jia Luo is facing charges under the computer misuse act and is scheduled to appear in court on Wednesday."
I wonder if the judge hearing this case will notice that larger-than-usual number of foreign hacks loitering around the building on Wednesday morning?
Assuming this young lad wasn't up to anything that nefarious (that would derail a great bandwagon wouldn't it?) I hope this case gets some exposure and the lad gets some support.
The problem is that while some people are clueless and don't secure their wireless, other people have a sharing nature and leave theirs open on purpose. How the heck do you tell the difference?
This case seems to be more than the usual, because the neighbor complained. As always the press article is near useless, but that suggests the arrestee went beyond simply using unused bandwidth.
Every time one of these stories comes up, some people post with great certainty their opinion that using someone else's wireless connection is clearly unethical. Folks, please make your case more solid by answering the question of how you're supposed to tell a wide-open residential AP from a public access AP. For that matter, how do you tell whether the neighbor was clueless in the setup or was being neighborly? The knock-on-the-door-and-ask-politely algorithm doesn't work well in an apartment block where the range of the signal includes dozens of apartments.
The kid trespassed upon the private property of another (his neighbor). If he had walked into his neighbor's home -- even had that home been unlocked -- the crime would be obvious to all. The neighbor's unsecured network is private property in just the same fashion.
As for the proportionality of the punishment: well, that's a matter for the sovereign nation of Singapore and its citizens to resolve.
On my work trip to Singapore, I knew that chewing gum was not legal there. So I went to the local convenience shop, and of course there was no gum, but a large assortment of legal candies. As an internet tech goon, I was drawn to the little plastic box (similar to TicTac) with little purple sugar pills labelled "I Love Flash". Oh and those Singapore immigration landing cards are a hoot, with large red friendly letters "possession of drugs is punished by DEATH'. Of course the US is not THAT bad...
Ok, first of all its not that hard to secure a wireless network. An 11 yr old could do it. Just google it. Second, does that country have nothing better to do? I mean its a 17 year old leeching off a neighbor's wireless, big deal happens all the time. Its not like he was doing anything malicious. Shouldn't you be more worried about catching murders and throwing them in jail instead of wasting time and jail space on something so stupid.
I don't think it is quite that cut and dry, although you make a valid point; that it was not his connection to use. The problem here is that many people purposfully leave their wireless open so that others can use it. I don't know if that is as widespread in Singapore however since the law is much more restrictive. When I first turned on a new mac notebook recently, it auto searched for networks and found one. Would using that network be wrong? What if I thought it was my network but wasn't really? If everyone in the neighborhood uses the same router it makes it even more confusing to the user.
I don't think a direct corelation can be made that the person was trespassing unless it is shown that they actively tried to hack into the home network. If all they are doing is going out to the internet, it don't think it's as big of a deal.
Is there heaven? Is there Hell? Is that a Tuna Melt I smell?-Primus
Here's some more rediculously stupid headlines:
Man wakes up, runs three miles, reports fatigue afterwards
Clam chowder eaten in Maine. Witnesses report "extremely tasty!"
American tourist in London says "These people have a funny accent."
Birds all over planet still flying.
I mean, come on guys. This is Singapore. Their legal system is so draconian it makes the Patriot Act look spectacular.
(With apologies to Wired Magazine)
"The Punishment Does Not Fit The Crime"
My understanding is that Singapore's punishment for littering, vandalism, drugs, and most everything else, is far more severe than most liberal democracies would tolerate. It is NOT surprising, therefore, that he is facing 3 years / $10,000 fine in Singapore, whereas in a western country he would likely face < 1 year + < $3,000 fine for a first offence of a crime of this nature, unless he was caught using the wireless access to do something else illicit, like download child pornography.
Singapore is a police state. It is not a liberal democracy. It is unfortunate that he is facing such a harsh sentice for such a minor crime, but it should not be unexpected in an unfree country such as this.
Not to end on a trollish note, but honestly, if you believe that caning and a lengthy prison sentence is a fair and just punishment for spraypainting a wall, then I would suggest you try living in a country that practices such harsh punishments, and see how long you like it there.
What was really funny is that Singapore has laws against wasting water, but then they also have laws requiring you to flush the tiolet in public places. So people got all scared that it was illegal to poop, because if they flushed they could be fined for wasting water and if the didn't they could be fined for not flushing. Of course, they couldn't complain about this problem because it would embarass the government and bring penalities upon them too, so to my knowledge it is still technically illegal to poop to this day, unless they made added an extension for a signle flush.
.... yeah whatever)
Also, I renember discussing with people when gum was banned in 89 (? I think). Contrary to myth, it wasn't to keep the sidewalks clean. It was because they engineered their subway system so poorly and so stupidly, that if you blocked one door - that none of the other doors would work and the whole freakin system would shut down. It wasn't long before kids discovered that all they gotta do is stuff their gum in the door on the way out, so then the doors couldn't shut, the subway couldn't move, and the whole freaking system would go out of service. So basically it was a stupid law to hide the faults of a stupid system. If that is the perfect description of Singapore then I don't know what is. (Singapore inc. as they call themselves
TFA is sparse on details but this seems harsh. It is one thing to bypass WPA keys or other security, it is another to just enter a completely open network and just assume it was meant to be public. I hope this is the former and not the latter, in this case.
As a business traveler, I have to rely on WiFi spots, and I don't always know the origin because they are "linksys" or some other generic name and I trust they were left open for a purpose. However, I never tried to crack any keys nor do I enter ones that the owners think are hidden since they don't broadcast their names/etcetera.
Singapore is known for their harsh punishments though, (in many cases deserved, considering that one American kid who vandalized all those cars).
According to wikipedia: Owning a satellite dish is banned, and the only TV service comes from one of two state-ran monopoly media corporations. Also, pornography of ANY kind is completely banned (playboy, etc.) which would probably disturb some slashdot readers. A police permit is required in order to hold a public assembly (even when groups are small). Eating or drinking of anything on public transit carries a 5000$ fine. They heavily filter the internet for anything that "may be a threat to public security, national defense, racial and religious harmony and public morality", and in 2005 imprisoned 2 for posting racial slur on the internet; Reporters without Boarders ranks them as 140th out of 168 countries listed (i.e. BAD);
For drug addicts, life in Singapore is hell. First off: drug trafficking of ANY kind usually results in a hanging (according to this, 70% of all executions are drug related). Not to say punishments shouldn't be tough, but these are insane. Here's also a list on what is punishable by Capital Punishment in Singapore.
To all of you that say he wasn't doing anything malicious: how do you know? And are you using your definition of malicious or the owner of the WAP? If my connection was open(it's not) and someone wanted to check their email, I wouldn't mind. Someone else might. However, probably everyone would mind if someone slammed their connection with torrent traffic 24/7. It might be all "legal" traffic, but it would still be damnned annoying, and malicious in my book.
The only real solution I see to this is to secure ALL wireless networks out of the box. It would keep windows from auto-attaching, and would make anyone logging into one liable if someone complained. The argument "well I didn't know I wasn't supposed to be there" goes right out the window. Then, if you decide to unlock your network, everyone knows that you meant to, and not that you're some fool that said "I want a wireless network! yay!" without knowing what that really means.
The problem here is that many people purposfully leave their wireless open so that others can use it.
When I first turned on a new mac notebook recently, it auto searched for networks and found one. Would using that network be wrong?
Yes, it is wrong. The user agreement for virtually all ISPs does not allow their users to share their internet connection wirelessly, no matter how generous your neighbors feel. Permission is not theirs to give. If a friend of mine had 1 Bears football ticket and tried to sneak me in with him, we would both be in the wrong.
--
-- All that is necessary for the triumph of evil is that good men do nothing. -- Edmund Burke
"The other person's ignorance about connecting to wireless networks is far far worse than my own ignorance about my own wireless network." I love logic... ahhhh well. At least it's not the US.
So you're basing the distinction of whether a crime did or did not occur on intent. That is, determining whether the accused intended to do harm prior to making use of another's private and paid-for resource.
Now, let me ask you: would you consider the situation the same had a person tapped a neighbor's electricity main? Or water line? Or POTS telephone service?
If not, what's the difference?
I swear... This world really needs to hunker down and focus on ethics and wealth generating education.
;)
It would really suck for a few years but after about 10 years of that every country would see a huge difference.
Too bad everyone is caught up in this "Now" unreality we call society.
Have directv issues?
http://honestdirect.honestwealthgroup.com/
Glad the help.. have a great day
Discover a Financial Lifeline Tracker.HonestWealthGroup.com
False. Yes, most consumer ISP service agreements forbid this. There are significant exceptions. And almost any ISP that has any non-consumer operations will sell you a connection that you can share if you're willing to give them enough money. I have a "legal" open wireless network, with the permission of my ISP, and so do lots of other people. There is no reason my users should assume my network isn't legitimate.
If you leave a network wide open, you are doing the only thing you can to invite people to use it. Absent information to the contrary, there's no reason it should be forbidden to assume the good faith of such an invitation. If your ISP service agreement doesn't permit you to share the bandwidth, then you need to close down the network, or somehow put people on notice that they can't use it. Only you, not the users, are in the wrong if you don't.
I run an unlogged, free, rather-throttled, old "b" access point, unsecured, for the purpose of easy Nintendo DS hookups. This should be a punishable offense? I encourage you to come on over and preach some more simplistic crap. Now, the DS open access may be a breach of an ISP agreement. If you work for my ISP, contact me, and we can handle it in a civil manner. Otherwise, go administrate your own networks.
Looks good for your age..
I was recently driving down a country road up in the mountains and the passenger and I had to use the bathroom so I took a side road that went about 15 feet and ended in a small forested clearing. We got out and did our business then 2 county police SUVs pulled up and after about a 45 minutes of threats and questioning we were both handcuffed and arrested on charges of criminal tresspassing II (Outdoor tresspassing) After spending the weekend in jail I was arreigned and got to read the police report. Apparently this was a private driveway for a house that will be built the following year and the owner saw us from the housee he is living in now which is up on the hill. Now there were no private driveway or no tresspassing signs on the driveway which probably would have turned us around but it is the law and after talking to my lawyer it seems hopeless to fight this charge (Our town has a population of around 900 people and the good old boy system is extremely hard to break without spending a small fortune to bring a lawyer from a larger city such as Seattle or Bellevue in to fight for you. As of this time the state is asking for 180 days in jail with 170 suspended and a total fine of $1850 with 2 years of supervised probation and random drug testing. Seems somewhat of the same to me as I also run an unsecured wireless network and I dont mind if people log in and use my network. It seems to me that if you dont want someone using your network, take a second to read your router's manual and put a password on it. Then there are always the people who just set traps like building a driveway 30 miles up a dirt road and not putting a sign or gate on it and wait on a hill with binoculars waiting for someone to tresspass....
In all fairness, 99% of the time the spray paint problem comes from gangs marking their territories, and 99% of the time they mark their territories because they want to minimize killing each other in drug related turf wars. Translation: kill the war on drugs and the graffiti problem will disapear overnight.
Singapore tried just the opposite. They tried to hide the graffiti problem, but that led to an explosion in drug violence, so then they cracked down hard on drug dealers and drug users. But that ment that they were applying all their resources to the symptoms and not the problem, so now Singapore teens not only have wide spread sympathy toward drug use, but Singapore also has a worse drug problem than the US does.
Yeah wonderfull, Singapores streets are cleaner, but their drug loards are richer, and their kids are worse off than they ever were.
How is leeching someone's unsecured wireless connection any different than watching a TV sitting on your neighbor's lawn facing your house? If this TV was in someone's house with the blinds closed I think it would be wrong to try and watch it. I think this is very similar to an insecure access point. Why should there be a difference in policy depending if the rays entering your property are light or radio?
I can't wait 'til all the people who are too goddamned stupid to use a computer get their asses handed to them on a platter. Frankly, I wouldn't mind it if they simply left the Internet entirely, since there would be nobody worth sending spam to anymore and maybe my ISP could charge me less money.
Actually, this ass-handing happens every day, only it's called by various terms such as "fraud" and "identity theft" and so forth, and frankly I wish the cops would spend more time worrying about that than about someone leeching a little bandwidth. In monetary terms, we're talking peanuts here. Sure, if the lad had accessed his neighbors data and done something criminal with it (such as stealing the guy's credit-card numbers) I'd feel differently. But the charge against this kid seems to be merely theft of bandwidth, which frankly isn't that heinous. I had someone trying to crack my WAP at one point: I ping-flooded the bastard and he got the message, but I never felt the need to call in the cops. "Nice try, buddy" was my attitude. Securing my network is my responsibility, not the government's, and no matter how tough the law becomes, the relative anonymity of wireless access assures that people will continue to try and use it (and abuse it.) It's best to just accept that fact right up front, and take the appropriate steps to keep unwanted users off your network, if that is your wish. If you don't know how to take those steps, either find/pay someone who does or don't plug in that WAP.
Regardless, if your misplaced faith in humanity leads you to open an access point with no security then you are too stupid to use a computer, and you shouldn't be surprised (nor should you have any right whatsoever to complain) when somebody rips you off, to whatever degree. If I write my PIN on the back of my ATM card, and I happen to lose it, should I have a right to expect that my accounts won't be immediately flatlined? Do I have a right to expect that anyone that happens to pick up that card will be an honest, ethical person that will return it to my bank? Of course not: I'd be a fool if I did. Moreover, responsibility for any funds lost would be mine, because I was stupid. That's actually in my bank's TOS, although it is couched in much more polite and scary-sounding legal language. Likewise, that neighbor who left his access point wide open is simply an idiot who really got less than he deserved for his ignorance. He's lucky it was just a college kid looking for a freebie that found him, rather than someone with real criminal intent. I hope he's happy he just trashed somebody's life over a non-issue.
This hearkens back to the mid-seventies when my father testified before our State Legislature regarding a computer-crime bill they were intent on passing. It wasn't until my Dad pointed out to these cretins that they were proposing to felonize virtually every computer science and engineering student in the State that they backed off on their "no-nonsense" approach. The law they finally passed still sucked, but at least it didn't put most of our technical talent behind bars. At the time, I was one of those students.
Excessively harsh laws ultimately serve little purpose.
The higher the technology, the sharper that two-edged sword.
Here's my thought though-
If you're smart enough to figure out that someone is leeching, you should be smart enough to enable some sort of low-level encryption.
Singaporeans have access to the now-defunct WEP standard, right?
Reminds me of the time, I was working at a camp one weekend and wanted to play CS:S. Steam needed to connect, so I went down the road to get my dose of wi-fi. Out walks a farmer with a shotgun wanting to know what we were doing and threatening to call the sheriff. Our response- (Which was legit too) uploading homework.
I am socializing, r-tard. I'm logged on to an MMORPG with people from all over the world, and getting xp with my party using teamspeak!
This Anonymous Coward is my new personal hero. I myself leave my wap open. Anyone who doesn't vpn has open access to port 80/81 and a handful of others that are pretty commonplace. Not open enough for them to do any damage, but plenty enough for people to browse around the internet, check their email, and even IM. I firewall them from my network and give them enough leeway to be productive on the web. Seems pretty win-win.
--fetch daddy's blue fright wig, i must be handsome when i release my rage
The way I see it, if I open up an insecure wireless network, I also tell others that they too are invited to it.
An open network is OPEN.
A password-protected network is CLOSED, but open to those who have the password.
If anyone hacks the password-protected network and bypasses the password protection, this is trespassing and misuse.
I live in a large house with lots of apartments with many neighbors who possess such unprotected networks. What if my router is down and my laptop connects to one of these networks? Am I then going to prison, because I never noticed it? Hell no.
Full Tilt
Singapore has mandatory penalties for a lot of things. For example, if you're caught with 500g (approx a pound) of marijuana, the judge has no choice but to sentence you to death. This for the same offense that will get you a year or two in jail in many US states. As crazy as the US gov't and state legislatures are these days, be happy we don't all live in Singapore.
-b.
Actually, since:
1.) _Most_ people who run an open wireless access point are doing so because they don't know it should be secured, or how to make it so,
--and--
2.) _Most_ ISPs providing connectivity to these people have within their TOS restrictions on "subletting" access;
the ethical approach is to assume that any open wireless access point is private, and refrain from using it, unless there is some specific indication that it is intended for open, public use (perhaps the SSID could be something like "FREEWIRELESS").
An approach of this sort would take most, if not all, of the second-guessing out of the situation. My take on the reaction to this, however, is that this would not satisfy most of those here who would rather have free access anywhere thay can find it, rather than having to actually purchase it.
So, I assume that you call the operator of every Web server and get permission before you connect to it, right?
No. You don't. You don't because setting up a Web server, and not doing anything to restrict access to it, implicitly authorizes people to use it, at least in any "normal" way.
You also don't look around for an "OK to drink" sign before you use a public drinking fountain. Not even when that fountain is on private property. Also, by the way, you don't go around inquiring whether the drinking fountain operator has an agreement with the water company that permits her to give away the water. You just drink the damned water.
We're talking about what norms should be established in a relatively new case. I claim that the norms should be consistent (meaning that the same norms that apply to T-Mobile should apply to me), that they should be practical (meaning that there's a reasonable way to have an open network and an reasonable way to have a closed one), and that they should comport with the way the installed technology behaves (meaning that, since the default configuration of practically every computer is to connect with any available open network, that behavior should be expected).
The people who want closed networks already have methods available to them. It's trivial to mark a network as not being available-- don't beacon the SSID, or turn on MAC filtering, or turn on authentication or encryption. Those are simple, reasonable ways of marking the network as closed, and they work within the technological framework. Asking me to talk to every user or post a sign goes outside the technological framework and is an unreasonable burden.
In my state it is against the law to access a wireless AP without permission. If Windoze accidentally connects to an AP and you don't have permission to use said AP, the law says you are in the wrong, accident or not. Comparing this to houses or cars etc, is all semantics. The law plainly states do not access a computer network without permission. Does leaving it unsecured imply permission? No. It never has and never will. (unless the law changes)
Just because the signal is transmitted over the air does not magically make it free. But what about t.v. you say? A few channels are transmitted over the air. Those are free because the stations broadcast them for free. (Because of gov't regulations, FCC whatever)
With all that said, do you have to ask for permission? Yes. I'm afraid the burden is on you the would be leecher to ask for permission unless you are put on notice otherwise (like coffee shops with signs that say free wireless etc).
But, how was the owner of the WAP damaged? Doesn't matter. Thats not part of the law. Its a form of strict liability (not to be confused with strict liability in civil cases, Its just an analogy.). There is no provision within the law that says you have to have substantially impaired the use of the victims WAP or the victim is out X dollars of use or over 1 MB of my access was impaired or whatever.
But, you say, I can't ask because its a huge apartment complex, or the airport didn't have signs up. Again, doesn't matter. It is entirely up to you to determine if you have permission or not to access the WAP.
So what does all this mean? You can talk all you want about the ethics of leeching wireless internet, but it matters not one bit (pun intended) when it comes to the criminal side of things. Why is this illegal? Ask your legislator.
I am not a number. I am a free man!
I think USA should invade Singapore a.s.a.p. and bring freedom to it's citizens.
I suspect how this person was caught would explain why he was arrested. If he lived in an adjacent apartment, and quietly surfed on his neighbors signal I suspect the chances of getting caught are extremely slim. On the other hand if he sat outside the guy's doorway and taunted him about stealing his signal, I suppose that would be another matter. It is highly likely that this person did something to provoke his neighbor. If you knew how to track down a person stealing your wireless, it is unlikely that you would have an unsecured connection.
Now, let me ask you: would you consider the situation the same had a person tapped a neighbor's electricity main? Or water line? Or POTS telephone service?
Terrible analogies. Please demonstrate how any of those actions could be taken without physically invading the neighbor's property or trespassing on the property of the utility companies providing the service to the neighbor. I'm trying to imagine an electricity hookup capable of transmitting its availability and automagically hooking up to provide electricity to a nearby house/car/man-in-the-street. That's the difference you asked for.
Logic is a wonderful thing but doesn't always beat actual thought. -Terry Pratchett
Personally i think access should be free, and i CHOOSE to share my wifi with the world. So you think im a criminal? How about all the libraries that give it out for free.. How about municpial access? Its free..
Wake up and join the rest of us in reality.
oh, and if its 'wide open' there isnt any 'breaking into' it.
---- Booth was a patriot ----
You can go to jail for spitting out your gum on the sidewalk in Singapore. (Mind you, unlike the wireless nonsense, I'm not sure that isn't an idea we should all emulate.)
I'm happy that I'm living in Singapore. And I'm with the government with their strict penalties and such. Though the tapping of wireless connection which could warrant a 3 years of jail sounds pretty ridiculous, a fine could do!
I'm trying to imagine an electricity hookup capable of transmitting its availability and automagically hooking up to provide electricity to a nearby house/car/man-in-the-street. That's the difference you asked for.
Tesla did it seventy or so years ago. But the point behind the analogy is that all of them are metered services sold to a specific individual. That the physical transmission medium for wireless Internet is different from electricity, eater, or telephone service does not matter. Do you argue the that you should have free reign to use a neighbor's cell phone service simply because the transmission medium is wireless?
"While there are no statistics on how commonplace the practice of piggybacking unsecured home wireless networks is, networking firm Cisco System's spokesman, Mr Rayson Cheo, said it is probably quite widespread here."
Mr. Cheo, I have an Idea.
How about making those Linksys WRT54G routers, which can be found in every house including dog houses doll houses and outhouses, secure?
Why is it I can find an "unsecured wireless network" named "linksys" on any neighborhood street in America? And why would Cisco claim to be concerned with the matter - or are you simply more concerned with the matter that securing your boxes out-of-the-box would drive up support costs and drive down sales? (Rhetorical question.)
It always amazes me how other countries, that are so technologically dense, seem to have the most screwed up and draconian laws and regulations on the planet.
...
I live in Canada. I like living in Canada, I like the freedoms that I am granted. If for one second I thought that i would be possibly putting myself or another in jail is appalling. I cant even begin to fathom the mindset of someone who goes to the cops and has an individual arrested for network access rights violations. If its such a problem that it is affecting the operation of the host, then the host should SECURE the fucking thing. Am i right?
I have experience with networks and securing unsecured APs. The first thing i tell someone when they call me is to RTFM for the router/switch and get over being compromised. Then I tell them how to fix the problem, assuming they are still around after i insulted them for being idiots for not doing the research FIRST before implementing the hardware.
Yes the kid is in the wrong here. Since it was not in an area where a known public-AP was. Other than that a small fine or a slap on the wrist, litterally, may be enough to remedy the situation.
Thats my two cents.
... Professional IT and NETWORK administration ADMIN for 3 years
I don't really care if someone gets offended. If i know I'm right, I'll say it. Otherwise I'll keep my mouth shut.
..::ALWAYS : watching::..
'' The user agreement for virtually all ISPs does not allow their users to share their internet connection wirelessly, no matter how generous your neighbors feel. ''
I checked the terms and conditions for Orange, former Wanadoo. Quite interesting. I am only allowed to use my connection for residential use. I think that allowing my neighbour free access is clearly residential use. I am explicitely not allowed to resell the connection. So allowing my neighbour access for money is disallowed. Commercial use is not allowed. This is a change in their terms; it used to be that the service was "not intended for commercial use", which I assume means that if my business goes bankrupt because my broadband connection fails, that's my problem and not theirs. Then there is "fair usage"; sharing the connection obviously makes it easier to exceed whatever "fair usage" means.
Most importantly: I am sure that Orange terms allow me to make broadband available to others for free as long as they don't use too much bandwidth.
If you like it, stay there. Just as long as you don't try to export your fascist ideology to the US or other more free countries.
-b.
The problem here is that many people purposfully leave their wireless open so that others can use it.
Two questions for you:
I've heard this argument made a lot by the "free wireless" persons, but I have yet to see anyone claim that they make their network freely available. That is, certainly not a quorum of them.
N.B.: I've utilized other persons' wireless connections in a pinch, so I'm hardly blameless. But I've never deluded myself into thinking that they were "happy to help"; I recognize that they are most likely ignorant of WPA et al. like most average persons would be.
Good point. And sometimes the unauthorised access can be accidential...
My friend has a funny story along the same line. He is a computer scientist and his wife is a computer user (who does not really know/ care about how to set things up). When they moved to their new house, my friend had spent quite a bit of time setting up his wifi equipment (wifi driver issue/ encryption etc). But, his wife just got everything right on her laptop in 5 minutes. A couple of hours down the line, my friend gave up, felt a bit embarrassed and checked how his wife config her laptop. It turns out the WinXP picked a neighbouring unprotected access point. If he did not check, his wife would probably stay the way that was...
But the point behind the analogy is that all of them are metered services sold to a specific individual.
And the point you wish to sweep under the rug is that this fails to analogize the topic under discussion, which is the notion that it is deemed wrong to use an access point in its apparently intended manner. Have a nice day!
Logic is a wonderful thing but doesn't always beat actual thought. -Terry Pratchett
You also don't look around for an "OK to drink" sign before you use a public drinking fountain.
I've never seen such sophistry.
Look, in the case of a drinking fountain, it's quite implicit what the case might be. It's a horrendous analogy, of the ilk used by mediocre trial lawyers. There are norms and conventions. As wireless access is "new", norms and conventions (AKA "precedent") have yet to exist.
The real issue is presuming, in the vacuum of these norms, on the "provider" doing so in good faith and with no issue... defies logic.
The people who want closed networks already have methods available to them. It's trivial to mark a network as not being available...
Again, you are presuming on a level of technical sophistication which is simply not verifiable for any given connection and for any given wireless "free hotspot". It's well and good to presume on their good faith, but it's a bit like saying that cos your neighbor prefers to park his car on the (public) street rather than his (private) driveway, he is making it freely available for use. Norms and conventions and legal precedent say no. It is unlikely that the courts whom will eventually decide these issues will say "caveat WAP-tor".
[...]which is the notion that it is deemed wrong to use an access point in its apparently intended manner.
By this logic it is "intended" for a non-owner to use someone else's electricity. Or water. Or POTS service. Or even cell phone service.
wireless internet is simply a physical carrier. Issues of open access and whether security restrictions against unauthorized use were imposed (a lock installed on a front door) do not negate the principle of a private resource. That is, just because I left my door unlocked does not give you right to enter my home and take something of mine as if it were yours.
This is no different. The technology may have changed, but the principle of private ownership remains the same.
strong words indeed from someone who doesn't have the balls/ovaries to back up his/her "strong words"!
How must it feel to be so certain and so wrong?
:: the general public is as disinterested in advanced art as ever
I don't know what it says now, but Yahoo's broadband agreement used to explicitly state that you could share your connection with up to 10 other users, so long as you did not SELL it.
~REZ~ #43301. Who'd fake being me anyway?
OK, you're right. Analogies are misleading. Let's drop analogies. That means you need to drop the car analogies, which are far less apt than the drinking fountain analogy, let alone the Web server analogy. You can't castigate me for using lame analogies, and then follow up with lamer ones.
OK, that's a cheap trick. What you're saying is that there are no rules, and therefore a "closed" rule should be followed. The result of that is that a "closed" rule would automatically get established as the norm... after which legislators and judges would follow that lead. Not good.
Let's look at the situation on the ground and decide what the norms should be.
The technology was designed in a certain way... the 802.11 protocols define ways to advertise networks as available, and both the protocols and the design of the actual equipment also provide ways to not advertise networks as available.
Unfortunately, consumer AP vendors made the decision to have their equipment, by default, advertise all networks as available. What they should have done was to force every user to explicitly make a choice at installation time, but they weren't willing to take the service calls from that.
So we're left with a situation where many installed networks advertise their public availability, even though their operators don't understand that fact.
What's to be done about it?
Many people here, apparently including you, seem to think that we should just forget that the technology provides ways to close networks, as well as ways to open them. We should make it the norm to assume that a network isn't available, even though it claims to be, unless you have explicit, out-of-band authorization to use that network. The underlying idea is that unsophisticated AP operators should not be responsible for things they don't understand.
There are several problems with that.
First of all, it ignores another bad vendor decision. Most computers on the market will, unless configured otherwise, associate with any open network they find. The technical sophistication needed to prevent your computer from doing that is similar to the technical sophistication needed to lock down a network. As a result, a lot of unsophisticated computer users are going to end up joining open networks without understanding what they're doing. If we end up with legal systems that punish that, we're going to be screwing the unsophisticated computer users to protect the unsophisticated access point operators.
Therefore, I claim that the argument of protecting naive people is just as much on the side of "open means open" as it is on the side of "you need other authorization".
In my mind, that pretty much balances out the only positive argument you, or anybody else, has advanced for the "closed" position. In either case, somebody is going to have to change a default configuration in a relatively sophisticated way in order to comply with the rules.
Then we come to a bunch of other arguments that tip the balance way over in favor of the "open" position:
This is different because in all of your examples you are theorizing some sort of service which is provisioned in a manner that is tightly controlled by specific companies and highly regulated by government. The topic at hand is a person purchasing and implementing a device aimed at making it more convenient to use the internet service he or she has agreed to pay for, be it cable/dsl/[whatever-controlled-form-of-high-speed- access]. To my mind if you equate a neighbor hopping on to an unprotected wi-fi network with theft of metered electrical service, you've got the problem with logic, not me.
Logic is a wonderful thing but doesn't always beat actual thought. -Terry Pratchett
Then there's Speakeasy which actually makes it easy to resell your internet connection to anyone within range.
Easy. I don't trust my neighbors not to download kiddie porn on my network. Maybe it's because there are registered sex offenders near me, maybe it's because I'm paranoid, but I like avoiding the FBI thank you.
Look, in the end, all of your arguments are technical arguments. But as much as you want to hide under "that's the way it works (technically)"... you are avoiding the legal, moral, and cultural precepts which surround this issue. All of those say, quite simply, "don't take that which is not yours i.e. don't steal".
Everything you say is well and good, but it is splitting hairs to justify a position which has no moral, ethical, cultural or legal high-ground.
How did they find this kid? I mean it sounds like the person with the open-network had no clue or didn't know how to secure his network, the question is how did he manage to find the neighbored who was piggy riding on his wifi? I mean what's the method of finding who's your piggyback rider, after that how do you point to him or walk up to him? It most has been a joint operation for blaming this kid. Was the owner calling someone with experience to come to his home and help him look it up, or was it one of dose days where your best friend with computer skills comes by and tells you that your network is not secured and he dose a check and finds out other computers are connected to your network. Dose he decides to pursue further to find more info?
Again, you are presuming on a level of technical sophistication
If more technical know-how is required to set up a secure network than an insecure one then it is the access point manufacturer who is guilty of negligence. It should certainly never be illegal to make the assumption that an invitation is legitimate.
it's a bit like saying that cos your neighbor prefers to park his car on the (public) street rather than his (private) driveway, he is making it freely available for use.
No... To extend your (terrible) analogy, it is like your neighbour parking his car on the street with the keys in the ignition and a sign in the window saying "free for anyone to use" - remember that you don't have to go down the street trying doors and picking locks to find an open access point, it's actually broadcasting an invitation for you to use it.
In any case, many wireless devices will associate with an open network without the user's knowledge - who is responsible for using an open connection when the device has associated by itself?
http://blog.nexusuk.org
I for one agree that you need to ask permission to use the network. The interesting thing is that, by extension, you are asking permission to use the network when your WiFi adapter asks the WAP if it can connect to it. Once the WAP tells the adapter that it can connect then you have been given the permission you were asking for. It is quite simple to set up password protection on a WAP, so that when your adapter asks for permission to use the network, the WAP tells it that it doesn't have permission without the password.
My question for you would be why should I need to ask for permission by using writing, voice, visible wavelengths, etc. What is the difference between nodding your head at someone and thereby granting permission over the visible wavelengths, and sending a series of 1s and 0s over a different part of the spectrum to grant permission?
Java has no friends.
I wish someone from Amsterdam would reply telling you to leave your fascist American drug policies out ;-)
- "Scientia non habet inimicum nisp ignorantem"
Um, no, actually, what I'm saying is that I want to retain the right to give a gift. When I give you something, it's not stealing if you accept it.
Gifts get pretty high esteem in most "legal, moral, and cultural" systems, thank you very much. Do you really want to outlaw them?
You're trying to create a world in which it's essentially impossible for me to ever give the gift of WiFi access, because you're taking away the only way that's available for me to inform the recipient that I intend to give them that gift. You want to be able to hang a "take this free" sign on a network, but not have people take you at your word.
Yes, the "take this free" sign is a technical one. For that matter, a sign on a board would be a technical one, too. Writing is a technology.
The whole concept of wireless Internet access only makes sense in the context of wireless technology. It is therefore completely reasonable to include proper use of that technology in the definition of norms around such access. A person can't even be a party to this argument without having already adopted a bunch of complex wireless technology.
Who are you to say what's 'minor' and what isn't ya racist nerd!
- "Scientia non habet inimicum nisp ignorantem"
If more technical know-how is required to set up a secure network than an insecure one then it is the access point manufacturer who is guilty of negligence.
You're preaching to the choir on this point--I'm in total agreement that WAP manufacturer negligence is the primary cause for this issue. Seems like the "third way" would be requiring manufacturers to sell these device pre-configured for WPA (of which I know I will now be attacked on the details regarding this). But that is a side-issue.
No... To extend your (terrible) analogy, it is like your neighbour parking his car on the street with the keys in the ignition and a sign in the window saying "free for anyone to use" - remember that you don't have to go down the street trying doors and picking locks to find an open access point, it's actually broadcasting an invitation for you to use it.
Sticks and stones. Any analogy can be accused of being terrible. It's an illustration to make a point. You and your ilk always follow a path of reductio ad absurdum with these things, because the issue is intractably linked to your desire to justify your position.
As I said before: I, too, have tasted the forbidden fruit of the unsecured wireless network. But to presume that merely because you can connect to it that it is the quivalent of hanging a sign saying "USE ME" is again, pure sophism. You cannot come to that conclusion logically.
Not like it makes a difference there, but the way it _should_ work (and makes sense) is that if your wireless network is open with no form of encryption and you provide DHCP services you are inviting anyone to use your network.
... it should be illegal to use those resources without permission. It doesn't matter what grade of encyption is used. Could be WPA, WEP, ROT13 or XOR.
Now, if your network is encrypted
until (succeed) try { again(); }
So you wish to share your own WAP. Congratulations. I wish you all the best. However, I was not referring to your specific situation. I was referring to the desire for persons to presume that in any given situation, an open WAP=free to use.
Go ahead, and share your WAP. Again, excellent, great, godspeed. But you cannot automatically presume that anyone else has the same intention if their own WAP is open.
Gifts get pretty high esteem in most "legal, moral, and cultural" systems, thank you very much. Do you really want to outlaw them?
C'mon, keep the reductio ad absurdum comin'. LIke Mickey D's, I'm lovin' it!
When 42 guys in suits go walking, someone's gonna die.
:D
Once upon a time, Al "Scarface" Capone was arrested for tax evasion. But that isn't why he went to jail. '42 guys in suits' is the name of a song written about the accountants who were used to prove this case.
For someone to be arrested for such a small crime, his neighbor had to be annoyed to the point of calling the police (cause they don't go around looking for war drivers) and the police had to of had an interest in this guy for some other reason. (More or less, don't quote me on this)
So I would infer that this is not the case where someone was logging into an unsecured wireless broadcast, as people are complaining about. He probably hacked into his neighbor's wireless and refused to stop when his neighbor found out. Even at that point, the police probably wouldn't arrest him (do people get arrested for noise complaints?) I suspect he was also doing something illegal which he was masking using the wireless access, and the police did not have enough evidence to prove it was him. So they grabbed him using what they could.
Though the alternative is funny. One day Cedric's laptop which is turned on in his backpack connects to an unsecured wireless network as he is walking through the park. The SWAT team jumps out from the surrounding bushes and trees and throws him groundward at gunpoint. He is sentenced to one year hard labor at the local quarry and his laptop is confiscated. Sadly the locker which it is stored in is adjacent to a coffee shop with unsecured wireless, and thus Cedric's sentence increases to the point where the government decided to send him to the gallows. Cedric's will then bestows the laptop to his mother...
The neighbor knew how to check if someone is using his wireless network, but doesn't know how to secure it? An open wireless network is an invitation for anyone to use it.
Internet access through a wireless network that is probably connected to a ADSL modem has fixed costs. The guy really didn't lose anything. So he just doesn't want anyone else to benefit from something he has paid for.
The charged teenager is 17 years old. The neighbor could have told his parents what he was doing and they could have told him to stop or take away his computer...
Sounds like the neighbor wanted someone to use his network, so he could sue them.
What if the owner of the equipment wants to create a free and public digital space? Like...an "island network"? The government in the US can't make laws against free speech and free gathering. The law must provide for open, peaceful gatherings. You cannot outlaw leaving the door unlocked because maybe the owner wants it that way. You can establish however that because the door might be left open for legitimate reasons that the owner must choose to lock it. It's the difference between Breaking & Entering and Illegal Entry. It's different because the act of compromising security increases the severity and the owner must take some responsibility for securing their things.
But, this story is from Singapore, and IANAL.
I don't know what all this talk about encryption and "breaking into" are about. The article doesn't mention the "victims" were using any sort of protection at all. In fact that is probably how he accessed their connection. I suppose the kid just turned on his computer one day and he had internet access. Probably didn't understand what was happening. Now he is in prison for it. It is likely there was no malicious intent at all. He is just a teenager afterall, I'm sure he didn't understand someone had to be paying for an internet connection.
You're not wishing me "Godspeed" in your actions, or at least not in what you're trying to make the rest of the world do.
You're trying to tell me that the means I've used to make my network available aren't adequate. Furthermore, you're telling my users that those means aren't adequate.
I'm over here with my open AP, telling Joe, via beacons and DHCP, to "Go ahead and use it". And you're telling Joe not to believe anything I say, because I'm only using "technical means" to say it, and some other benighted soul might accidentally be saying the same thing, by the same technical means, and not really mean it.
Furthermore, you're not offering me any really reasonable way I can convince Joe that I really mean my invitation. I don't accept that posting a placard is reasonable... it's an ugly intrusion, and you can't make it visible in all the places the WiFi network covers. I surely don't think that forcing Joe to bug me personally for permission is an acceptable alternative; that would be a huge imposition on both of us, even if he could find me.
How, in any practical sense, is that any different from forbidding me to give Joe access?
You really are suggesting preventing me from giving Joe a gift. I understand that your reason for that is to protect Sally from the consequences of buying a poorly-thought-out product from Jim... but that's wrong. Neither Joe nor I have any contact with Jim or Sally. We're over here at my house, engaging in a consensual gift exchange that harms nobody. What reasonable legal, moral, or cultural norm makes it incumbent on us to give up the very possibility of that because others, elsewhere, can't get their act together in what is, after all, not so complicated a way?
Sure, if Sally screws up, and Joe later goes over to her house and ends up on her AP, and she tells Joe to knock it off, Joe needs to knock it off. Joe should even be neighborly and help her to lock it down. But Joe should intially be able to take Sally's AP's beacons at face value... especially since the damage to Sally in such a case is, realistically, minimal.
It's not an unreasonable expectation that people who deploy a technology should learn at least a little about it.
As for reductio ad absurdium, I thought your assertion that I was completely ignoring legal, moral, and cultural issues to be pretty absurd already. The whole conversation is really about the moral status of various forms of communication, including communication using various technical means.
This is different because in all of your examples you are theorizing some sort of service which is provisioned in a manner that is tightly controlled by specific companies and highly regulated by government.
- access].
Cable service is not regulated by the government? Last I checked, the government regulated cable television prices, service, and are even debating the regulation of content. Cable television and Internet companies lay cable straight to their customers' homes across public ways just as is electricity, water, and telephone service (or metered gas, for that matter). And, just like WAP, cellular telephone service is transmitted using radiowaves - yet no one argues that it wouldn't be theft to use another person's cell phone without their consent.
So, I'll ask a different question: If it is improper to use someone else's cell phone service without their knowledge or consent, but proper to use someone else's WAP point - also without their knowledge or consent - then what is the distinction between the two. According to you that separation would appear to be whether the service is "controlled by specific companies and highly regulated by the government." I fail to see how having a corporate charter makes any difference - a private individual has the same property rights as does a corporation. And the government IS enforcing regulation through the criminal court system.
The topic at hand is a person purchasing and implementing a device aimed at making it more convenient to use the internet service he or she has agreed to pay for, be it cable/dsl/[whatever-controlled-form-of-high-speed
That's funny. I thought the topic was about a person in Singapore being convicted and jailed due to having used a neighbor's wireless internet without permission. I am arguing that the judge's decision was proper.
Finally, WRT: ease of use - or the "making it more convenient to use the internet service" arguement. might I point out that WAP routers are intended to make Internet access easier for the *owners* of the service (as you say). But it does not exist to make it easier for *strangers* to use a service they have neither paid to use nor have permission to use by those who did pay.
How again, is this not theft?
So, if most or all AP vendors did in fact start selling devices that were locked down by default (or, say, devices that actually forced the user to decide one way or the other at installation time), would you then favor a system in which opening up an AP was treated as an invitation to use it?
What if, in addition to APs not being open by default, users became more sophisticated over time, and there were fewer cases of people leaving networks open by accident, regardless of the defaults?
I ask because both of those things seem to be slowly getting closer to reality. The problem is that whatever legal system is established now will probably persist regardless. If governments are allowed, today, to set up systems of laws that forbid treating an "open" AP as truly open, we'll still have those laws in the future, whether they make sense or not.
Given how long it will take the laws to get established, how long it will take the technology and the user sophistication to change, and how long it would take to change the laws after they were established, does it still make sense to let the law go in the direction of presuming no permission on open networks?
One problem here is that many legislators, and many of the people who influence them, don't like the idea of open APs regardless of whether the AP operators and their ISPs like them or not. Open APs represent a path of untraceable access to the Internet, and there are a bunch of people who hate anonymous access. That's another reason why you might not be able to get the laws changed if the underlying situation changed, and why it makes sense, right now, to argue for "open means open".
When I first got my new laptop I didn't have wireless in the home, but I had a ton of open nodes around me. For the first couple weeks while I selected a WAP I used the connection of a business across the street.
When I got mine I installed it, locked it down and used it but first I went across the street, introduced myself and told the business owner that his connection was wide open. Helped to secure it. Then suddenly other open nodes started locking down.
But here we are a year later and there are once again, a ton of open nodes.
I hold the equipment manufacturers responsible.
Your assumption is that the person connecting to the network is more tech-savvy than the person running the unsecured network. The problem is that both are "noobs" so to speak, and the fact is that many wireless softwares will automatically latch onto a nearby wireless connection (usually the strongest) without asking or informing the user.
Where I used to live, we had quite a few wireless networks open in the area. We also had two of our open (open for our friends, but the SSID wasn't broadcast, and I monitored the usage). At one point, however, I discovered that when something interfered with the signal (usually the cordless phone) windows would lose the connection, dump it, and automagically switch to a neighbour's wireless without asking. I've heard of Macs doing the same thing. Now I'm not a computing noob, but the fact is that even when I told it not to, the damn software would still jump around like a rabbit on steroids.
Combine this with people like my grandparents or even friends my age, who don't understand the internet or computers much at all. For them, things just work. If you have an internet connection with your new Dell, well it might be from the Dell people as a service that came with the laptop... not that you're leeching your neighbours wireless.
Now if he was told to stay off the wireless and didn't take reasonable measures I could understand this. The owner should have taken measures to secure his wireless as well. An open lot is the responsibility of the owner to fence after all, so why not a virtual private space?
The fact is that the AUP with the ISP is between your neighbor and their ISP not between you and the ISP. The neighbor is the one violating it if they share with you. Your Bears ticket analogy is close but not spot on. An improved analogy would be that the Bears provide you with a ticket to watch 1 game from 1 addressed seat in the stadium. Now the ticket agreement probably states that it is non-transferable. So the way to run afoul of it would be to leave at half time and give the ticket to your friend. This way you are consuming no more resources than those allocated to you (1 seat) just as I would not be if I were sharing my wifi as I could still only download at 6Mbit and upload at 384k.
Cable providers put no limits in their AUP on the size of a family or the number of guests you can have over so I find it hard to swallow that 1 dozen geeks watching football with PDAs and laptops is OK but me and my wife and our 2 kids and our 1 neighbor is not.
But I do agree that any AP that has had ANY security implemented WEP-64bit for example should be left alone because the owner has put out the no trespassing sign just as you wouldn't walk on your neighbor's lawn if they put a fence up around their yard.
In many jurisdictions, there is a "reasonable person" test that would probably apply here. Businesses don't have locked doors, and it's not trespassing for you to enter them without explicit permission. But the fact that there's a business name above the front door, and their front door is unlocked, is usually enough for one to assume that permission is implied.
A wireless access point that is *announcing* itself as being open could be considered implied permission to use it. Note that the access point doesn't just have a sign on it that says "open". It is actively beaconing its "openness" to solicit users. This is all defined as part of the 802.11 "contract" between computer systems, and just because some owners don't understand what they're doing when they set up an 802.11 access point doesn't mean it's unreasonable for others to assume they do.
Of course, when the owner of the access point tells someone to stop using it, that implied permission no longer exists, just like a business owner can tell someone to leave their store. You've been asked not to use it, so any continued use is legally actionable (though it still may not be illegal, depending on the laws in your area).
Just be warned, some Internet providers consider that reselling of services which may or may not be permitted on your agreement.
Change is certain; progress is not obligatory.
You don't get to say, "In hypothetical scenario X this law leads to absurd consequences, therefore I am not bound by this law. Checkmate!" It usually doesn't work like that unless someone is actually in that hypothetical scenario.
That the law could impose a penalty on someone for unknowingly connecting to an open access point without authorization does not mean the law does not apply when you knowingly connect to an open access point without authorization. Our justice system is not a sophomoric debate club.
Similarly, just because you can conceive of cases where say, choice of essid could legitimately be taken to authorize access, this does not mean you are somehow excused to use access points that do not have essid names implying access.
Further, if the law includes a clause, "under no circumstances shall the essid name alone be used as a defense that the access was authorized". Laws in our legal code aren't laws of physics, neither are they mathematical axioms. They have holes and exceptions, and the fact that you feel you have cleverly identified them does not somehow excuse you from their penalties.
Laws may also be written so as to exclude "unknowingly accessed" defenses.
It's this simple: Do not use an access point unless you have explicit authorization to use it. And NO, just because "explicit authorization" has grey areas DOES NOT mean it is null and void when the scenario you are being prosecuted for is black and white.
anyone not fencing their residential property should be assumed to be ofering free parking
You shall know him by his Sig
"I've lost count of the number of times I've accidentally attached to my neighbour's WAP"
Nonsense. Windows' default settings for wireless does not connect to any random access point. If you want it to do so you have to to the the Advanced settings and check off "Automatically connect to non-preferred networks". That's been true in XP SP2, XP SP1, XP no-stinkin'-SP, and even in the rudimentary "zero-config wireless" client that was in W2K.
I've never had a Windows box "accidentally" connect to anything. Now if you never changed your access point from a default of "default" or "Linksys" or "Netgear" and put it into your preferred access point list, and then your neighbor has the same - whose fault is that? Yours for not changing your own access point name to something that isn't going to show up at your clueless neighbors.
of someone's life, then it's worth spending some time to harden it in the first place.
Yes, what the guy did was wrong, yes he should be punished, but 3 years for the next best thing to entrapment?
If you reported your car stolen after leaving it unlocked with the engine running and the keys in the ignition in a bad part of town you'd be laughed out of the police station.
Stealing the car is still wrong, but surely you can't expect it not to be stolen under those circumstances. Doesn't that make it entrapment?
Why is it that the IT equivalent of exploiting such gross stupidity is demonized?
Trying to find a good comparison here based on the "trespass" mentioned, here is what I have come up with.
Wardriving is a bit like going out to watch the fireworks on the 4th. You have a better view of the fireworks from your neighbor's property, so you walk over there. It's just a few steps across the grass, there is no fence, no "no trespassing" signs, no "keep out!". So you stand there watching the fireworks and find two officers standing behind you, here to cuff you and haul you to jail.
I don't see the difference.
I believe the trespass law should be interpreted that you cannot be charged with trespass if it is not posted so, if it is "freely and publicly accessible", and if you have not been asked to leave. What's happening with this guy is like pulling into the grocery store parking lot to switch drivers, and the store manager running out and getting your charged with trespass. It's outrageous and it's stupid.
I've said it before and I'll keep saying it. There are too many people out there that are convinced that the entire world needs to protect them from their own ignorance and that someone else must be held responsible for what happes due to their ignorance, and the owner of that WAP is in said group.
It also occurs to me that the laws nowadays are waaaay too general. The laws used to be very restrictive, and if you were guilty there was no doubt. The law tended to favor innocence, so there was no risk of finding the innocent guilty, but at the expense of not being able to prove everyone that is guilty as such. But now, in today's wonderful modern society, the laws are now "catch all". The justification usually is that somehow the legal system will "drop charges" or "look the other way" when you are doing something that is by-the-books illegal but wasn't what the law was meant to target. It would be simpler if they just said it was illegal to breathe. That way you could arrest anyone for anything and you would be sure to be able to catch the ones you believe are guilty of doing something bad. (and of cours the judges and police officers can be relied on to correctly apply the "exceptions"!) It sounds ridiculous when you look at it that way, but isn't that what the modern legal system has come to? Incriminating everyone to protect everyone.
I work for the Department of Redundancy Department.
Leaving open access points for anything other than actually expressly providing open access should be a crime. In fact, there's a lot of nefarious activity that someone like that could be up to, and at the very least, it can cause problems for nearby users who may be connecting to the wrong access point.
Locks are pickable because we've yet ot invent the cheap unpickable lock. However if you want a lock that's damn near impossible to pick, it's yours for the asking, and about $300. Plenty of companies make high security locks, my personal choice is Medeco. They patent their keys and tightly control distribution so you can't just get them copied anywhere, only authorized dealers can copy them and they only copy them for the owner (they require ID). Also means to get a proper blank you have to go to the right dealer. They also have biaxial pins, meaning they are cut in two directions and rotate as well as go up. Makes them a bitch to pick. They are also resistant/immune to other attacks like bumping, ice picking, etc.
There's no law preventing you from getting one, in fact I have one on my door. Just go to a dealer and buy it. However, most people aren't willing to spend the money and deal with the hassle of having to get keys at only one place, so cheap, easily pickable, locks are the rule.
They have very open policies. They allow sharing, servers, etc. It's expensive relative to a cable modem but I've had their DSL for like 3 years now and I'm real happy. I run 3 web servers that do a ton of traffic and I've never heard a peep from them. If the bills are paid on time they are happy, the connection is mine to do with as I please.
While all of that is true, remember who violated who's property first -- My computer doesn't go sniffing for open APs, rather, it listens for broadcasting SSIDs and links up from there.
If you don't want me to use your access point, don't broadcast your SSID into my airspace, or put a lock on the door.
Can I break WEP? Sure. Do I? Well, no -- The reasonableness test would indicate the owner doesn't want me to use it, so I don't.
Give a man a fish, he'll eat for a day, but teach a man to phish...
What do you expect? It's Singapore... The authorities there have always had a hard-on for extreme punishments for activities that often aren't even considered crimes in civilized countries. It's almost as if the Singapore authorities were trying outdo the Americans and the Germans in the 'Asshole Country of the Century' contest. Imagine the horror if these guys ever managed to excape their little Orwellian island.
Hold on you say! Singapore has gone from a backward malarial ridden third-world port city-state to a state-of-the-art communications and manufacturing center as good as anyplace in the world as a result of the focus and vision of Lee Qwan-Yew and his associates. And in less than forty years. And they will continue to advance as they shift from manufacturing to USA-style design and brain-power activities. The total fascist control of every citizen's lifestyle is necessary and good thing. It is the 'Asian way, where benevolent guidance of a wise leader concentrates the energy of the people to great heights'. Western-style laisse-faire in both the commercial and private spheres, wouldn't work here.
As a hippie, a pothead, an electronic designer, a programmer, a libratarian, and an American, I say that this is total bullshit. One must ask, as one watches another Western tourist led to gallows or the torture caning chamber for being caught with a tiny amount of harmless cannibus, how many of these beautiful skyscrapers were financed with money that came from the Golden Triangle and Afganistan opium fields.
Singapore is an insane place. Civilized people, expecially the young and those without a lot of money, are best advised to avoid it.
Every time one of these stories comes up, some people post with great certainty their opinion that using someone else's wireless connection is clearly unethical.
And the responses to those opinions usually avoid the ethical questions entirely, and focus on asking "how am I supposed to know without leaving my basement and having to actually interact with people". Such a predictable web site, its a wonder there's anyone here at all.
Folks, please make your case more solid by answering the question of how you're supposed to tell a wide-open residential AP from a public access AP.
If the name of the network gives you no hints, how about this: if you aren't aware of any free wireless networks in the area, don't connect. I know erring on the side of caution might seem a strange approach, but it would appear to be the prudent course when you're using someone else's resources, especially if you don't know whose.
For that matter, how do you tell whether the neighbor was clueless in the setup or was being neighborly?
Does a network identify itself as the default, or as "Joe Blogg's free WiFi"? One suggests cluelessness, the other is pretty much an open invitation. But if you can't tell and can't be bothered doing the leg work to find out for certain, again, don't use it.
The knock-on-the-door-and-ask-politely algorithm doesn't work well in an apartment block where the range of the signal includes dozens of apartments.
It works just as well, it simply takes longer, although comparing an afternoon knocking on doors to three years in prison I wouldn't consider it that much of an inconvenience. Not that actually knocking on doors is necessary in these days of desktop publishing, cheap printers and email. This guy was clueful enough to find a wireless network, I'm sure he's capable of printing his email address on cards and slipping it under doors in the area (he may even have made some quick money securing the network in question rather than being arrested). We're talking roughly a 200 meter radius here; hardly a needle in a haystack, especially for someone with enough sense to narrow down the base station's location with signal strength readings.
What I'm really saying is if a person isn't prepared to get off their arse and make sure they have permission to use an open access point, they shouldn't feel entitled to use it. Considering they're both unauthorized use of other people's network resources, I see no real difference between leeching wireless and spamming...except that spammers are "them" and people who want free WiFi are "us". Does this difference in perspective alter the ethics of bandwidth misappropriation, and if not, how does your inability to determine your neighbour's intentions via technical means change the situation, considering the agreement to share the access point is between you and it's owner, not you and the machinery?
Blank until
I visited relatives in Spore and switched on my WiFi PDA. I immediately got on line. Problem was I suddenly realised i wasn't using my relatives WiFi. I did some quick research and found 3 strong and one week network was available (all open for me). I had to go and ask my relatives which was their network. Basically houses and apartments in Spore are pretty close together. I would think the need is more to educate the people, who open up the networks, to make them difficult to enter, b4 prosecuting users. Of course we don't know the background to this incident and how much and for what prupose this person used the open network.
This is NOT breaking into someone else's airwaves. I am sorry, but if you send unsecured packets through the airspace in my home then I feel completely free to use them as I please. Either: a) use encryption or b) a low intensity signal. The supposed equivalent of breaking into someone's homes just because the door is locked is wrong, the correct analogy is someone leaving stuff inside your kitchen and you taking it...
No it isn't like blaming every rape victim that doesn't wear a chastity belt. It more like blaming every rape victim that runs around naked screaming "Free Sex!" Wi-Fi networks generally broadcast their availability as a Freely Available Service. If yo don't want that, there are many, many ways to disable it. Now the error may be on the manufacturer's part by taking the ease of use route, but that really doesn't excuse it. Wi-Fi is in a Public Space by definition. It is in an unliscensed spectrum free for public use. Running unsecured Wi-Fi is like sticking a water fountain in a public place. If you don't take steps to secure it, you don't have any right to complain when other people use it.
What ever happened to punishments fitting the crime?
Just ask Michael P. Fay
Slashdot CAPTCHA: lackey (hmm....)
You get 40 canings or something for chewing gum in Singapore, LOL.
simple, fast homepage with your links: http://www.ngumbi.com/
Nice. Nice.
[1] And yes, I have told him to fix it. Even did the neighbourly thing and secured his network for for him. The following day he removed my configuration because "he didn't like entering a password". He'll learn the hard way eventually.
"The neighborly thing" you did was the only blatantly illegal act anyone has mentioned in this thread.
First illegal act: You logged into his AP over HTTP by entering a username and a password, that you guessed because it was probably the default but is still technically "using false credentials to gain access" and also probably "criminal unauthorized access."
Second illegal act: You changed his router configuration without permission which immediately caused your neighbor a DoS on his own network! That's the kind of act these companies claim millions of damage for, when some idiot kid logs into their system and changes some config file. He then had to go THROUGH YOU in order to access his network again. Extortion? Protection?
Ironically, you first did exactly what you wrote that others should go to jail for, namely access his network at all. That's the one thing you did that wasn't definitely illegal.
I think you confuse what you perceive as moral as being lawful and/or ethical, when you haven't thought through your own moral-justification behavior. You're even criticizing others for the same exact behavior. Why?
And what about just plain-old invasion of privacy?
consider that reselling of services
Despite the best efforts of twisty little lawyers, it would be hard to prove that a key component of the word reSELLing can apply to giving something away for free.
Seven puppies were harmed during the making of this post.
Why do I get that feeling that in 50 years, every person on earth will be in prison, and there'll be nobody left to intimidate with the law?
I don't trust my neighbors not to download kiddie porn on my network.
OMGZors, yes, please, think of the children. Why, do you do a lot of kiddie porn downloading yourself? For fuck's sake, if the authorities can't even make ISP's responsible if someone downloads kiddie porn, are they going to make some idiot who can't even secure his wireless network swing for it?
How many people download kiddie porn, vs how many people use internet to waste time and/or send email? Not everyone is as perverse as you think they are.
Seven puppies were harmed during the making of this post.
So, before you connect to a web site, do you "get off your arse" and phone up the webmaster, asking for authorization to use his network resources? After all, if setting up an open access point isn't a sign that you're letting people connect to it, then neither is setting up an open web server - right?
Er.. the machinery acts on behalf of its owner. It doesn't take part in the agreement itself, but it does stand as evidence of an implied agreement, just like a guard outside a door who says "Come in!" (presumably on the owner's behalf) or even a sign (presumably put there by the owner). The building's owner is actually who grants permission to enter, not the guard or the sign, but you can reasonably expect that the guard and sign reflect the owner's wishes.
Visual IRC: Fast. Powerful. Free.
In the end you're still enforcing laws on unlicensed frequencies... these were never licensed so that the average dumbass could have a high powered cordless phone, and not sue his neighbor for turning on his microwave.
Now we have highspeed wireless access points that, by default, broadcast their location - because manufactures want to make it as easy as possible for an idiot to set it up without instructions they'll never read and call tech support.
And now the government thinks these people need protection...
WRONG.
We need protection against these people. People like me who are sick of spam zombies and spyware ladended PC's clogging the tubes of my beloved internet. It should be against the law to broadcast a residential internet connection because THAT is against the ISP's terms of use.
This would be much different if the shmuck who got arrested drilled a hole in his neighbor's wall and ran cat5 through it. Com'on...
Sigh... rant off.
Microsoft Windows and other operating systems have a configurable option to attach to any available network. This is used to make it easier when you stop at a wi-fi hotspot where it is allowed to utilize the connectivity. For someone to be convicted of this, it seems to me that you would have to prove that the user knew what he/she was doing and had an intent to steal the connectivity, and not just a misconfiguration of the wireless client software. Several times my notebook has connected to my neighbor's access point. I immediately switch to my own. Becaue it is the right thing to do. Eventually I fixed my configuration so it would ONLY use my access point. I think it is necessary for people to secure their access points if they don't want others to use them. It is not that hard to do. Encryption is easy to enable. Disabling SSID broadcasting is a good start. I went around the neighborhood and spoke with my neighbors that had open routers about locking them down, for their own sakes. I america, we presume not guilty until proven guilty. If a person has their own wireless access point hooked to their DSL or broadband, and they happen to connect to a neighbor, it is most likely an accident. If they don't have their own access point, and they are using the Internet, they are either ignorant aboujt where connectivity comes from, or they are stealing. I used to keep an open zone hooked to a spare DSL line, until file sharing abuse spoiled it for those neighbors that I was trying help out.
If you use the reasonable person test around here you could totally get off. Take my mom, she is an average computer user. She bought a new laptop a while back it has a wireless card, like most. So I was at her house a few weeks after she had it, I asked if she was still using dial up or did she get cable, she said "No I have free internet with the new laptop". So I asked her more about this free internet she has. She told me "When I got the new laptop, I just turned it on, and I could use the internet." So she is using someones wireless without even knowing it.
1. Enable file and printer sharing
2. Put up your personal pictures. You, your dog, your girlfriend.
3. Profit?
Starbucks, Harbuckle of Breath.
Yes, I realize that sometimes people will accidently end up on an unsecured network that's not theirs -- but that's more like shooting the 4 year old who ends up playing 'doctor' with the 3 year old... He should get a firm talking-to, but throwing the 4-year old in jail for statutory rape is just a stupid as telling the 3 year old that it's all her fault.
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
But you do get warned prior to entering Singapore about the anti-drug laws and the possible punishments. Generally you get told explicitly what's right and what's wrong to do here in Singapore. Yes, there are some cases of indefinite detention for political dissent and many an opposition politician has been sued out of politics. Not something I particularly like but there are quite a few countries going this way these days, I just have a better idea of where I stand in Singapore. I disagree with the death penalty but I'm actually quite in favour of corporal punishment (within my boundaries for determining 'not cruel or unusual').
I can't find the story at the moment, but there was a Slashdot story a little while back about a gentleman who was arrested and convicted of tresspassing on an open wireless network of a coffee shop.
The thing was, he had been coming there for months to leech wireless access. He then was asked to stop using the wireless and leave by a police officer (the people in the shop were too afraid to talk to him). He left, but returned shortly thereafter. The police officer discovered this, and arrested him.
They started counting his computer tresspass time from the time he had been told not to use the network. It seemed like a very reasonable application of your principle.
Anyone recall the story and have a link?
The ______ Agenda
I had to deal with this a few months back...
I was driving my car around the neighborhood, right after working on it. It started acting up so i parked it at a near by Apartment complex, the car wouldn't have made it home. I walked back home to get some radiator fluid. The radiator was leaking so i parked the car so it wouldn't over heat. I showed up back to the apartment complex to check out my car about 20 min later, and noticed that there was a guy saying he was the manager and was going to have me arrested for trespassing. I was told by him to wait hear for the police so i could be arrested.
I know that wasn't going to happen so i willfully waited for the police as the 'manager' asked. Mean time the manager was going off on my how i was some stupid kid dealing drugs in his 'clean' apartments.
Once the cops got there they asked the manager what was going on and he told the police that i was the worst kid in the neighborhood an that i need to be arrested!! along with trespassing of course. I ended up not being wanted by anything and after the cops rummaged through my car without my permission. They "determand" that i was not a threat and that i should just get a ticket insted.
Trespassing in the second degree. $190 fine.
I got a letter from the DA asking if i wanted to just pay the fine or if i wanted to take it to court. If i wanted to just pay the fine i needed to do so by this date or i would have to go to court about it on this date. I took the thing to court and not before i looked up the laws on the matter at the library.
In the state i live in, the law states that "In order to be trespassing on private property i need to first be on the property then asked to leave, then refuse to leave."
Well since i was "asked" to stay and wait for the police to show up i did just that, and look at where it got me, i had to go to court. If i had of left when i was asked to then this wouldn't of happened. But since the cycle of the term 'trespassing wasn't understood by the manager or the cops i got the ass end of the deal and had to go to court.
When i went to court the judge asked for the side of the story from one of the three police officers who was there. The cop didn't really say much other than that i was there and there was an angry manager.
Then the judge asked my side of the story. All i did was tell him that i was never asked to leave so therefore i didn't trespass. I had the legal document stating this that i got earlier at the library. The judge didn't even know what trespassing was. So he said dismissed and that i will me mailed a verdict... Not guilty.
The point of all this is--
No matter what the law states about open wireless in this country, if the right people don't know whats going on this whole thing legally or not it will go to court. Like the pissed off neighbor. There was dust kicked around in the matter so the police stepped in, and since know one really knows the laws on the matter its going to court. Just like my issue.
What i think that needs to be done is for the kids lawyer, or if he even gets one, needs to figure out where it states in the law about this issue. And if there isn't any Rock solid laws about this. Come up with something that is close to the matter. Like trespassing. the AP never told the kid to leave (im guessing), it asked if there was anyone that wanted to connect and the kid replied yes i want to connect. I know the laws are different from my country and his, but If you compare this to my experience i think his best bet is to let the system work. Its designed to work, so let it. And if he doesn't get the answer he wants, appeal. If thats an option...
anyone not fencing their residential property should be assumed to be ofering free parking
Interesting comparison. You know, your house and yard broadcasts a lot of electromagnetic radiation into your neighbor's yard, especially during the day in the infrared, visible, and ultraviolet frequencies. Your microwave and cordless phone broadcast in the same general frequency as his wireless router. Your neighbor broadcasts much the same into your yard. GOD FORBID your wireless network card should broadcast a tiny amount of radiation that his router mistakenly assumes it should send to the internet... Maybe if cars were flying back and forth between the road and your yard and your neighbor's yard all day the comparison would be more apt.
My opinion is that anything relying on electromagnetic radiation in the unlicensed spectrum should *obey* the fucking FCC and accept unwanted interference. I wonder how many of the people prosecuted for "stealing" wireless access have pointed to that little FCC label and called the prosecution on federal communication laws?
Everyone here that makes a reply of the form "An open access point should be treated as an invitation to use it", please also post your home address. That way, next time you leave your house unlocked, I can treat it as an invitation to use your TV set and kitchen facilities. I will also assume that the next time you leave your keys in your car, that is your invitation for me to feel free to use the car. Damned nice of you!
While I would agree that 3 years for leaching wi-fi is a bit excessive, even in Singapore, I do think there should be some punishment, both in the US and anywhere else. An open access point is no more an invitation to use it than an open door is for you to walk in to someone's house uninvited.
I want a new quote. One that won't spill. One that don't cost too much. Or come in a pill.
Three Year olds don't operate computers (and if they do, their Parents have an obligation to protect them) we're talking about adults here. People have an obligation to take some responsibility for their actions. Operating Free Wi-Fi isn't even analogous to leaving your keys in your car, or the door to your house unlocked (as those are both acknowledged semi-private/private spaces) Wi-fi is like Television or Radio. It's an open service, operated in the commons, like OTA TV, AM/FM/Shortwave/HAM Radio. Operating an open, unsecured service in a public space is an invitation for it to be used. If they don't want it to be, they have an obligation to secure it.
You'll be so welcome to visit our local premises. Don't forget to tell the barmaid who you are and she'll be happy to let the guys give you a good beating for trespassing :-D
send + more == money?
Someone who CHOOSES to be willfully ignorant about how to secure their wireless network is not an innocent 3 year old walking amongst child molesters.
I suspect that it would be rather difficult to "choose" to be willfully ignorant if you're so "willfully ignorant" that you're absolutely unaware of the fact that there is something to be "willfully ignorant" ABOUT. You think people really spend any time worrying about (or should HAVE to) how the engine in their car works? No. They give it gas, they push on this here peddle, and it goes faster. You think people really spend any time worrying about (or should HAVE to) how their wireless network works? No. They turn on their computer, hit this here button, and it works.
802.11b/g both transmit and receive over unlicensed *public* frequencies by design. The public nature of those frequencies means that anyone may legally use those frequencies for any application, including sending and receiving IP encapsulated data.
To use your analogy, operating an open 802.11 network is exactly like the guy's neighbor put a sign on his open front door saying, "Come in! Make yourself at home. Grab some food and drink." And then the neighbor has him arrested for doing what the sign says.
Bottom line, public frequencies are just that, and--if you care about network access--you need to lock the door and take down the "Help yourself!" sign.
Maybe I shouldn't say this, I do not wish to make you upset, but for the past 3 years your wife have been known to sleep around with practically everybody in the neighborhood. It has come to the point where people are starting to call her "WIFI" (get it?), and it is about to make you the laughing stock of the whole community
Maybe you two guys should do a little talking, synchronize your viewpoints upon "net-working" behaviour perhaps?
Not that I have had anything to do with any of this, but thanx for the coffee
send + more == money?
I would argue that it was a "honey trap" delibrately set by my neighbour to overwhelm my own puny Linskys signal power to catch my personal details and blackmail me...
Man i wish that poor boy was in US.
"Doing what i can, with what i have." ~ Burt Gummer
In the state of Texas, here is the law
/. are computer savy, your average user is lucky to know where the one button is and doesnt read instructions. They dont realize that the system is set open from the factory, they just turn it on and go.
33.02. BREACH OF COMPUTER SECURITY. (a) A person
commits an offense if the person knowingly accesses a computer,
computer network, or computer system without the effective consent
of the owner.
Pretty much an open ended law. Here is why... while most people her on
If your house has the front door standing open and your name is on the mail box, is it okay for me to cruise by, see it, come on in and take something you own? Bandwidth cost$$ and the person who legally has the access has to pay for the access monthly therefore it is NOT FREE. When you slide by and use it, you are leeching off of someone elses dollar.
unless the owner pays be traffic. If you noticed someone leaching on it, just lock the door by protecting your network with a password.
I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
Do they still have public canings in Singapore? If so, does it really make sense to punish a 21st century crime with a 17th-century punishment?
They're not willfully ignorant. They don't know what they don't know. Where I live, you are not required to take a test in order to operate either a computer or a network, wireless or otherwise. The wireless routers that most people buy are consumer devices that they plug in and it runs. No knowledge is required. It's the IT equivalent of a refrigerator. You plug it in and it runs. In purchasing a wireless routere and connecting it to my ISP's network, neither the place where I bought the router, nor the ISP, asked me if I knew what I was doing. Unless you are going to start requiing people to pass exams before they can purchase and operate computers and network equipment, don't expect them to know about security features that you think are second nature to be aware of.
Perhaps the manufacturers of wireless routers should be required to sell them with a default secured configuration, with the ability to turn off security being more of a hassle than leaving it on. If all manufacturers were required to do it, we might see some innovation in making it easy for your average consumer to implement secure home networking.
This is true in a lot of places. Unless you restrict access or put up signs, people are free to park on your residential property so long as they don't damage anything. People park on my residential propery all the time. Since they aren't damaging anything, and they aren't blocking my access to the street, I don't care. If it ever starts to bother me I'll put up signs telling people to not park on my property. Until then people are free to park on my propery without my explicit permission.
I've known people who had no clue they were leeching/mooching anything off anybody until I told them. People who actually thought that they could buy a wireless card for $40, and get free internet wherever they could find a signal. The people responsible for this mess are the manufacturers - selling routers and access points that are unsecured out of the box is a recipe for disaster (which is what we currently have all over the place) and yet they all do it. That has to change. Or at the very least, they need to include a big bold bright-colored card stating that it's unsecured and that the customer should make securing it his first priority. Most people who buy wireless gear don't know the first thing about security, let alone that their new gear comes set up so anyone at all can connect to it.
There is no -1 Disagree mod. Slashdot.org/faq defines mod options. USE IT.
If my house had a "Fastolfe's Widgets and More!" sign above it, and a reasonable person would think my home looks like a business. Bear in mind that in many older cities, buildings have been converted from homes and apartments into shops and businesses with little change in the appearance of the building. In these areas, it's the signs that make it clear.
That's just stealing, and you'd get in trouble for it even if my home were a legitimate business. When it's snowing outside and you walk into a store, you're "taking" their heat and shelter. They have to pay money to keep you warm and dry. Are you leeching off someone else's dollar? Let's assume you entered the store specifically for that reason, and you have no intention of shopping there. Even that isn't illegal, or even legally actionable by itself. They're free to ask you to leave, however, if/when they discover that you aren't a real customer.
The difference between someone leeching and someone making legitimate use of something legitimately shared rests entirely with the intent of the owner of the access point. Unfortunately, 802.11 does not distinguish between someone legitimately attempting to share their access point with little or no compensation, and an idiot plugging in an access point and bulldozing their way through every question/setting that prevents their wireless laptop from working, without reading the instructions or understanding the ramifications of their choices.
Think of a row house where someone puts a fake business sign on their door, and some fake "We accept Visa/MasterCard" stickers on the window, because they think it'd be funny. Do they have a right to call the cops on every person that walks through their front door thinking it's a business? A proper solution is to put up a sign that says "Not open to the public" or take down the signs that make it look like it is. In 802.11 terms, this means securing the access point.
A person commits an offense if the person knowingly accesses a computer,
computer network, or computer system without the effective consent
of the owner. (bolding mine)
I see we have a clause that exempts anyone if they haven't been asked.
If the cops come to arrest you, you can simply plead the 5th but they'll most likely not even bother if you claim ignorance that you thought you were getting free wireless.
Seriously... At my support job, I've run into more than one person that seriously though Linksys was a service provider they got for free with the computer. I had someone call me on a train on his cell asking why he couldn't connect to the internet like at home with his wireless and they thought they could connect form anywhere.
"I am the king of the Romans, and am superior to rules of grammar!"
-Sigismund, Holy Roman Emperor (1368-1437)
Look, you're in the wrong, just give it up!
You keep changing tack all over the place - the point has been well established that inviting people to use a service gives explicit permission to USE that service, additionally there may be conditions of use however this is not required.
Therefore do you make it de facto impossible to give the gift of WiFi, or do you not? One way does require some pain - after all, users may have to (gosh!!!!) understand a little about what they're buying, however that should not stop this as this is the entirely correct and sensible extension to existing case laws.
Unfrotunately in the UK we already have an anti-common sense law; the Computer Misuse Act makes it illegial to use someones computer systems without their permission. Very difficult to use the web in theory....
OK, I have to concede your point that "willfully ignorant" is at least informed enough to know that you're ignorant, but I disagree with your car analogy. A car owner is expected to know that you have to put gas in the car if you want it keep running, if the inside is too cold you move this lever from the blue lines to the red lines, that you should put air in the tires occasionally, and take it to a garage for an oil change every three months. Any machine (appliance, electronic, garden tool, garden spade) requires a bit of knowledge to use it properly, and computer equipment is not an exception to this. Some theories of "user friendliness" involve dropping the "computer literacy" to ridiculously low levels. To stretch another analogy, you would expect a toaster to be able to tell when the bread is done, but you wouldn't expect it to be able to plug itself in and get the bread out of the breadbox for you.
You don't need to know what frequency band or collision detection scheme wireless uses in order secure it any more than you need to know how to build a car from scratch in order to check the oil. If somebody can't be bothered to change the defaults of their access point then they don't have the right to complain that somebody else is using it. If you set up WEP and somebody hacks through it that's a different matter, but this was an open network.
.... than clsoing your access point.
If you leave it open it is ambigious or unknown what your intentions are, even if you put a GetOut SSID
IANAL but write like a drunk one.
By leaving your AP open you leave it completely open to interpretation if you want people to use it or not.
Frankly people leaving it open should be assumed to be invinting others. The onous of securing the access point should be in the owners, not in the people within range that may even connect unknowingly.
Why morons all around the world are putting blame in the wrong person baffles me.
IANAL but write like a drunk one.
This is a country where when the oposition is campaining they are sued for defamation if in their opinion a government official is not doing his job.
I leave it to you to guess how many cases has the oposition won.
IANAL but write like a drunk one.
-Don't kill young adults for being drugs mules.
-Don't execute nannies after years of abuse.
We may have some misconceptions, but some other conceptions are base in hard facts.
IANAL but write like a drunk one.
In many really free countries nobody bats an eye lid if somebody is haveing a sandwich or a drink in the underground or a bus.
IANAL but write like a drunk one.
You have freedom, unless you are an oposition candidate, you say a government official is not doing his job, and then you are sued for defamation.
And I think nobody will have too much work guessing which way the judicial power leans whenever such case is heard.
Many Sinagaporean opposition politicians have been bankrupted this way.
To pretend that Singapore has free elections is a vulgar lie that should be denounced wherever one sees it.
IANAL but write like a drunk one.
The network was wide open.
If you are going to especulate, at least part from correct assumptions.
IANAL but write like a drunk one.
What you're missing here is that an open AP literally broadcasts invitations. (An invitation in this context can be defined as symbolic communication offering a free service.) An analogy that lacks this component is too weak to be useful. I defy you to come up with one in which it is clearly wrong to take a literal invitation seriously.
From a technical point of view it is perfectly legitimate to connect to a service that is not secured. That is how any protocols are desinged to work, WiFi is not any different.
A router is not private property in the same sense as a house, specially if it is broadcasting its presence beyond the property of the owner. The analogy is completely flawed and it should not be used.
If you want to ascert your rihgt to control access to your AP then all the tools are provided, it is your by laziness and misinformation that owners of AP don't do so.
IANAL but write like a drunk one.
... to which some people will go to make a cheap point.
TO any reasonable person it is glaringly obvious that a cable box, just because sits outside your property, is not an open invitation to make your own connection from there.
An unsecured wireless AP in the other hand is fucking sayin " Hello! I am here! I am unsecured!"
How you can compare one with the other is left as an exercise of the unexplainable.
IANAL but write like a drunk one.
We are not talking about property or tresspassing, we are talking about protocols.
If you don;t close your AP the network is open.
If you secure it it is closed.
How much clearer can we get?
IANAL but write like a drunk one.
But the people saying the opossite using a similar analogy are also wrong.
We don't need analogies.
If the AP is open, you can connect.
If the AP is secured you can't.
That is how it was designed to work, if people are not using it correctly it should not be brought to bear against the people that are using the standard correctly.
IANAL but write like a drunk one.
Everyone here that makes a reply of the form "An open access point should be treated as an invitation to use it", please also post your home address.
Why would they do that? That would be, as you say, an INVITATION to come into their homes. On the other hand, that's EXACTLY what an unsecured access point is doing. Broadcasting a very clear, unequivocal invitation: "I'm here, my SSID is such and such and my channel is such and such, please associate at will."
If Slashdotters don't want Internet freaks coming into their homes into the middle of the night, they will rightly refrain from posting their home addresses here. Similarly, if home wireless users do not want their access points broadcasting a CLEAR, UNEQUIVOCAL INVITATION to use their services, they will configure them accordingly.
They don't know what they don't know.
Is that you, Rummy?
Are you going to tell me that you actually read the owner's manual that came with your car? And let's be honest - *most* people even only know that they need air in their tires when the guy at the gas stations TELLS them that they do.
And you know that HOW? There is no mention in that very brief article that the connection was protected, encrypted, or anything else. But given the fact that he was charged because the person who DID own the connection complained - had KNOWLEDGE of what was happening - I would guess that that it was, in fact, protected, assuming that anybody who had the wherewithal to know his link was being used would also be literate enough to protect it - which implies hacking.
I will, however, freely admit that I have no more basis in fact for saying that than you do to say that it *wasn't* protected.
So I guess it's okay if your neighbor taps into your phone line, gas main, and cable TV, if any of those cross his/her property at any point.
Toronto-area transit rider? Rate your ride.
Everything you say makes sense, but what is the chance if you are using someone else' wifi broadcast that you will be sharing. This was done intentionally - I consider this a setup, I mean most people don't have a clue about there wifi routers, so to be able to catch your neighbored that means you indignantly didn't secure your network (router) just to prove something or publish to your nation what's to come for dose that don't respect a regime rule LOL! Man, this nations with there rules are like ticking time bombs.
If you offer me network access by offering access via a public radio frequency, and you have your network configured to access the internet, then you have implicitly invited me to use your internet connection, legally speaking. Is it a punk move? You bet, but it isn't illegal.
If you put a splitter on the antenna-out cable from your cable box and run that cable into my house and label it "Use Me", then I could legally watch the game on your dime--much like you broadcasting your 802.11 SSID into my house from next door.
They've put little disclaimers on the advert towards the last stretches of it's TV airtime, but I believe the damage has already been done.
Now, what is really an example of an ethical problem is that the big WiFi vendors (Linksys, Netgear, DLink, etc.) sell these big signs in languages they know their customers don't understand, and no one thinks maybe THEY should be responsible. Every power tool or appliance in my house except for the computer equipment is literally wallpapered with useless warning labels telling me not to do obviously stupid things like using the hair dryer in the shower. I'd trade those 10-for-1 for sensible warning labels or just a proper default on these WiFi routers. With uPnP (assuming it works -- I don't actually use it), shouldn't they be able to (upon first connection) pop up a "Hi! I'm Buzzy! I see you're trying to use a new WiFi router! I'm going to assume you want that to be secure! If that's not the case, click 'No' below!" *
I don't mean to make an argument that someone should be able to use your private network, or any private network. I don't even think it needs to have encryption on it. It just needs to not be broadcasting that it is an open network. These ARE. They do it the same way that the Panera down the road does. They do it just like the lobby of the hotel. They do it just like the local bookstore and the library. My PC connects to them automatically - it's set to do THAT by default. If it didn't, Panera, the hotel, the bookstore and the library might as well not bother -- most of their clientèle wouldn't be able to figure out how to connect to the service they want to offer. If private networks would stop broadcasting that they're open networks, THAT would take ALL, not most, of the second guessing out of the situation. So educate people. Tell them they're literally screaming "Come on in!" to anyone nearby. Write the vendors. Complain about the defaults. Complain that the vendors should warn their customers of the risks their product opens their network to. These are all good ideas. Changing the protocol because some vendors made stupid defaults is a bad idea. What do we do when CheapNetSys starts selling routers with FREEWIRELESS** as the default? Change it again? Put people in jail for using networks with FREEWIRELESS as the SSID? Believe me, most people will have just as much clue about the SSID then as they do now (none).
* BTW, this goes DOUBLE for the WiFi routers that come bundled with the cable / DSL modem from the ISP.
** I know it was just an example, but I feel compelled to point out that this particular solution won't work because it doesn't address the default behavior of most current WiFi clients, which is to connect to all open networks, and it wouldn't work where different adjacent public WiFi systems exist.
"Don't know what they don't know" IS willful ignorance. They don't know because they don't WANT to know. Should a company that makes toasters be liable for someone using their toaster in the bath getting electrocuted? If you're going to operate a device you should have to know how to use it. If you saw your own arm off using a chainsaw improperly it is your own damn fault. If you start having sex out on your front lawn you don't have any right to complain about people watching you.
Here in Sydney having an open AP is an invitation for free usage.
Wardriving is a perfectly legal pastime.
It is only if there is any security or notification that it becomes a crime to use the service.
As soon as there is a security layer in place even if they use WEP,
or something else similarly easy to crack, it makes no difference.
Anyone accessing the network without authorisation is now breaking the law.
So choose an appropriate security layer depending on whether you want to actually
want to prevent people using the service, or just be able to take them to court.
(May be a bad example)
This is similar to the awefully inadaquate DRM that is in place...
The 'but it was easy to break' excuse doesn't hold up.
(disclaimer: I am not a lawyer, just a network security student)
"If we knew what it was we were doing, it would not be called research, would it?" - Albert Einstein
But there is the second half of that: People are expected to be able to plug in the toaster, load it with bread, and press the start button. Having a WAP figure out how much security you need and which devices are yours (and therefore allowed to connect) would be the equivalent of the toaster that plugs itself and loads itself.
I haven't read it cover to cover or anything, but yes I've seen the inside of it, particularly the scheduled maintenance sections. Of course, I also had to take a class and a driver's test before I was allowed to use the car in the first place. You're right about most people's lack of knowledge about the workings of their car, though. But if they don't check the tires, and they don't designate somebody else to, then they take the consequences of not doing the maintenance: tires wearing out too soon, low mileage, getting stranded by the side of the road, and etc.
There is a one-liner in the article about how most wireless adapters are configured to find open access points. This isn't much more than a hint that it was a wide open network, but it is a hint.
Yes, it is wrong. The user agreement for virtually all ISPs does not allow their users to share their internet connection wirelessly, no matter how generous your neighbors feel. Permission is not theirs to give.
But that doesn't make it wrong of me to accept their freely given invitation. They may or may not be in the wrong for extending it depending on their contract with their ISP but that's none of my business.
You keep changing tack[sic] all over the place - the point has been well established that inviting people to use a service gives explicit permission to USE that service, additionally there may be conditions of use however this is not required.
Erm... I was not the one changing tact all over the place. The original poster presented the moving target.
Regardless, the point "well-established" is only "well-established" to people who have a firm conviction of what you just said. I am trying to open their minds that "geek convention" is not necessarily societal convention.
I'll reiterate one more time: a technical argument is not a worthwhile argument in the normal, average, day-to-day sphere. Preaching to the choir may be satisfying, but if you change churches, expect a different response.
That is my point, and it always was.