Slashdot Mirror
Jailtime For Leeching Wireless?
jginspace writes "A 17-year-old from Singapore is is facing three years' jailtime for accessing his neighbor's wireless network.
His neighbor complained and now the unfortunate Tan Jia Luo is facing charges under the computer misuse act and is scheduled to appear in court on Wednesday."
More details at the local HardwareZone Forum:
Teen, 17, first to be charged with unauthorised wireless Net access
By Chua Hian Hou
A 17-YEAR-OLD polytechnic student has become the first person here to be charged with piggybacking on someone else's wireless Internet connection.
Garyl Tan Jia Luo was accused yesterday of using a laptop computer to gain unauthorised access to a home wireless network on May 13 this year.
If convicted, Tan faces up to three years in jail and fines of up to $10,000 under Section 6(1)(a) of the Computer Misuse Act.
Tan was released on $6,000 bail and is scheduled to appear at the Subordinate Courts on Wednesday.
Court documents did not describe the circumstances in which Tan was arrested, but The Straits Times understands that a neighbour near his Casuarina Walk home had lodged a complaint against him.
While there are no statistics on how commonplace the practice of piggybacking unsecured home wireless networks is, networking firm Cisco System's spokesman, Mr Rayson Cheo, said it is probably quite widespread here.
Most modern notebook computers and personal digital assistants (PDAs) have the ability to sniff out unsecured networks and hop online for free with just a few clicks.
There are numerous guides online that describe how to do this and the low cost of wireless networking equipment means that most HDB or condominium blocks have unprotected networks users can log on to.
Said Mr Cheo: 'People assume, wrongly, that since it is there, it is okay to use it.'
Mr Aloysius Cheang, the chairman of local infocomm security association, the Special Interest Group in Security and Information Integrity, said: 'Most people probably do it because it is convenient, or because they are cheap and want free Internet.
'But, for some, it is because they want to do something illegal like defaming someone or downloading pirated MP3s, and they don't want the activities traced back to their own network.'
In the online world, there are even special terms for it, like 'wardriving' and 'Wi-Fi mooching'.
The problem, said lawyer Bryan Tan, is that while most people know that mooching is not quite legitimate, they probably do not know that it can be treated as a serious offence.
'Blinkered by the convenience and allure of ?free Internet', people don't realise that mooching is the virtual equivalent of trespassing,' he added.
Likewise, many users do not seem to realise that they can block moochers simply by installing a password on their Internet connections.
For most users, the only indication they get that someone is mooching is when their connection speed slows down, though Mr Cheo said software tools are available for download that can track who is using a network and what they are doing on it.
While the case is the first of its kind here, there have been at least two similar arrests and convictions in the United States.
In some countries like Holland, Mr Tan added, Wi-Fi network owners can even be held liable by the courts for crimes committed on their unprotected networks.
chuahh@sph.com.sg
1. Don't take any of the many simple steps I could take to lock down my network despite the fact that many devices are designed to automatically lock onto any open wireless network.
2. Rename wireless network free help yourself.
3. Insist that charges are pressed against my neighbours.
4. Buy their houses at low low prices and use the space for an indoor pool and a bowling alley.
Think of the Children; Sleep with your Sister
Putting aside the fact that running an unsecured network should also be a punishable offence in this day and age, the kid was still in the wrong. Just because you can break into a network does not give you the right to do so. The question is whether or not he did it on purpose or if it was just another stupid Windows box attaching to the nearest open wireless access point (I've lost count of the number of times I've accidentally attached to my neighbour's WAP [1] ... telling Windows not too is like pulling teeth).
I just hope the conviction isn't too harsh. A fine would be more appropriate than jail time.
[1] And yes, I have told him to fix it. Even did the neighbourly thing and secured his network for for him. The following day he removed my configuration because "he didn't like entering a password". He'll learn the hard way eventually.
The problem is that while some people are clueless and don't secure their wireless, other people have a sharing nature and leave theirs open on purpose. How the heck do you tell the difference?
On my work trip to Singapore, I knew that chewing gum was not legal there. So I went to the local convenience shop, and of course there was no gum, but a large assortment of legal candies. As an internet tech goon, I was drawn to the little plastic box (similar to TicTac) with little purple sugar pills labelled "I Love Flash". Oh and those Singapore immigration landing cards are a hoot, with large red friendly letters "possession of drugs is punished by DEATH'. Of course the US is not THAT bad...
From Hardwarezone:
``While the case is the first of its kind here, there have been at least two similar arrests and convictions in the United States.''
OMG BUSH PWNS CIVIL LIBERTIES!!
Please correct me if I got my facts wrong.
Here's some more rediculously stupid headlines:
Man wakes up, runs three miles, reports fatigue afterwards
Clam chowder eaten in Maine. Witnesses report "extremely tasty!"
American tourist in London says "These people have a funny accent."
Birds all over planet still flying.
I mean, come on guys. This is Singapore. Their legal system is so draconian it makes the Patriot Act look spectacular.
"The Punishment Does Not Fit The Crime"
My understanding is that Singapore's punishment for littering, vandalism, drugs, and most everything else, is far more severe than most liberal democracies would tolerate. It is NOT surprising, therefore, that he is facing 3 years / $10,000 fine in Singapore, whereas in a western country he would likely face < 1 year + < $3,000 fine for a first offence of a crime of this nature, unless he was caught using the wireless access to do something else illicit, like download child pornography.
Singapore is a police state. It is not a liberal democracy. It is unfortunate that he is facing such a harsh sentice for such a minor crime, but it should not be unexpected in an unfree country such as this.
Not to end on a trollish note, but honestly, if you believe that caning and a lengthy prison sentence is a fair and just punishment for spraypainting a wall, then I would suggest you try living in a country that practices such harsh punishments, and see how long you like it there.
What was really funny is that Singapore has laws against wasting water, but then they also have laws requiring you to flush the tiolet in public places. So people got all scared that it was illegal to poop, because if they flushed they could be fined for wasting water and if the didn't they could be fined for not flushing. Of course, they couldn't complain about this problem because it would embarass the government and bring penalities upon them too, so to my knowledge it is still technically illegal to poop to this day, unless they made added an extension for a signle flush.
.... yeah whatever)
Also, I renember discussing with people when gum was banned in 89 (? I think). Contrary to myth, it wasn't to keep the sidewalks clean. It was because they engineered their subway system so poorly and so stupidly, that if you blocked one door - that none of the other doors would work and the whole freakin system would shut down. It wasn't long before kids discovered that all they gotta do is stuff their gum in the door on the way out, so then the doors couldn't shut, the subway couldn't move, and the whole freaking system would go out of service. So basically it was a stupid law to hide the faults of a stupid system. If that is the perfect description of Singapore then I don't know what is. (Singapore inc. as they call themselves
To all of you that say he wasn't doing anything malicious: how do you know? And are you using your definition of malicious or the owner of the WAP? If my connection was open(it's not) and someone wanted to check their email, I wouldn't mind. Someone else might. However, probably everyone would mind if someone slammed their connection with torrent traffic 24/7. It might be all "legal" traffic, but it would still be damnned annoying, and malicious in my book.
The only real solution I see to this is to secure ALL wireless networks out of the box. It would keep windows from auto-attaching, and would make anyone logging into one liable if someone complained. The argument "well I didn't know I wasn't supposed to be there" goes right out the window. Then, if you decide to unlock your network, everyone knows that you meant to, and not that you're some fool that said "I want a wireless network! yay!" without knowing what that really means.
The problem here is that many people purposfully leave their wireless open so that others can use it.
When I first turned on a new mac notebook recently, it auto searched for networks and found one. Would using that network be wrong?
Yes, it is wrong. The user agreement for virtually all ISPs does not allow their users to share their internet connection wirelessly, no matter how generous your neighbors feel. Permission is not theirs to give. If a friend of mine had 1 Bears football ticket and tried to sneak me in with him, we would both be in the wrong.
--
-- All that is necessary for the triumph of evil is that good men do nothing. -- Edmund Burke
Heck, even the economic growth rate is a state secret!!!!
Feh. Singapore: Disneyland with the death penalty (William Gibson)
Says who? Do you own a provider that stands to profit from selling EV-DO service?
I have a (firewalled) access point that has the SSID "UseMe". I *want* people to be able to get free Internet access. They aren't able to jump onto my personal network, just use the Internet for free. Sometimes handy if you're driving, have a laptop, and need to pull up Google Maps for directions.
-b.
Do they have any oil? I think the Singaporeans need to be "liberated" a la Bush 2.0 :)
Bill Clinton: Pimp we can believe in. - The Shirt!!!
False. Yes, most consumer ISP service agreements forbid this. There are significant exceptions. And almost any ISP that has any non-consumer operations will sell you a connection that you can share if you're willing to give them enough money. I have a "legal" open wireless network, with the permission of my ISP, and so do lots of other people. There is no reason my users should assume my network isn't legitimate.
If you leave a network wide open, you are doing the only thing you can to invite people to use it. Absent information to the contrary, there's no reason it should be forbidden to assume the good faith of such an invitation. If your ISP service agreement doesn't permit you to share the bandwidth, then you need to close down the network, or somehow put people on notice that they can't use it. Only you, not the users, are in the wrong if you don't.
I was recently driving down a country road up in the mountains and the passenger and I had to use the bathroom so I took a side road that went about 15 feet and ended in a small forested clearing. We got out and did our business then 2 county police SUVs pulled up and after about a 45 minutes of threats and questioning we were both handcuffed and arrested on charges of criminal tresspassing II (Outdoor tresspassing) After spending the weekend in jail I was arreigned and got to read the police report. Apparently this was a private driveway for a house that will be built the following year and the owner saw us from the housee he is living in now which is up on the hill. Now there were no private driveway or no tresspassing signs on the driveway which probably would have turned us around but it is the law and after talking to my lawyer it seems hopeless to fight this charge (Our town has a population of around 900 people and the good old boy system is extremely hard to break without spending a small fortune to bring a lawyer from a larger city such as Seattle or Bellevue in to fight for you. As of this time the state is asking for 180 days in jail with 170 suspended and a total fine of $1850 with 2 years of supervised probation and random drug testing. Seems somewhat of the same to me as I also run an unsecured wireless network and I dont mind if people log in and use my network. It seems to me that if you dont want someone using your network, take a second to read your router's manual and put a password on it. Then there are always the people who just set traps like building a driveway 30 miles up a dirt road and not putting a sign or gate on it and wait on a hill with binoculars waiting for someone to tresspass....
Nope...just bought a new Linksys...and no security is on by default.
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
The way I see it, if I open up an insecure wireless network, I also tell others that they too are invited to it.
An open network is OPEN.
A password-protected network is CLOSED, but open to those who have the password.
If anyone hacks the password-protected network and bypasses the password protection, this is trespassing and misuse.
I live in a large house with lots of apartments with many neighbors who possess such unprotected networks. What if my router is down and my laptop connects to one of these networks? Am I then going to prison, because I never noticed it? Hell no.
Full Tilt
>Before everyone flies off the handle here, remember that this is happening in Singapore, who has much more draconian law enforcement than the US or Europe.
Examples:
However, law-abiding Singaporeans, though trouubled by the principle of such punishments, seem pretty darn happy with their prosperous and sqeaky-clean city-state. It is every autocrat's dream. I think that the case of Singapore demonstrates that democracy isn't a prerequisite for a effective government. A also think it's interesting that the West counts Singapore as one of the "good guys" despite its antithetical form of government: It belies that, when American presidents speak of "spreading democracy," they really mean "opening up markets" -- and if your market is open, they don't so much care about democracy itself. (In the case of Singapore, that is nevertheless a good thing, because Singapore's government works.)
I do hope that in time Singapore becomes more liberal on its own. Because many Singaporeans, though reasonably satisfied, do feel the same way, I expect that will happen. Modern, enlightened countries can't keep laws on the books for killing people just because they are gay [or for killing anyone, for that matter (you listening, U.S.?)].
Why not just name it "JoeSchmoe" or whatever your name is and use strongest encryption? "GetOut" seems like waving a red flag in front of every 1337 script kiddie that wants to impress its friends by hax0ring.
-b.
Uh, an open AP is literally an invitation. Nobody is hacking your wirez, you are actually broadcasting the availability of a service. Another great example of getting pissed off at someone else because you didn't read the damn manual. It's a FIVE PAGE BOOKLET. It HAS PICTURES. They literally DREW A PICTURE FOR YOU.
Literalism isn't a form of humor, it's you being irritating.
So, I assume that you call the operator of every Web server and get permission before you connect to it, right?
No. You don't. You don't because setting up a Web server, and not doing anything to restrict access to it, implicitly authorizes people to use it, at least in any "normal" way.
You also don't look around for an "OK to drink" sign before you use a public drinking fountain. Not even when that fountain is on private property. Also, by the way, you don't go around inquiring whether the drinking fountain operator has an agreement with the water company that permits her to give away the water. You just drink the damned water.
We're talking about what norms should be established in a relatively new case. I claim that the norms should be consistent (meaning that the same norms that apply to T-Mobile should apply to me), that they should be practical (meaning that there's a reasonable way to have an open network and an reasonable way to have a closed one), and that they should comport with the way the installed technology behaves (meaning that, since the default configuration of practically every computer is to connect with any available open network, that behavior should be expected).
The people who want closed networks already have methods available to them. It's trivial to mark a network as not being available-- don't beacon the SSID, or turn on MAC filtering, or turn on authentication or encryption. Those are simple, reasonable ways of marking the network as closed, and they work within the technological framework. Asking me to talk to every user or post a sign goes outside the technological framework and is an unreasonable burden.
I suspect how this person was caught would explain why he was arrested. If he lived in an adjacent apartment, and quietly surfed on his neighbors signal I suspect the chances of getting caught are extremely slim. On the other hand if he sat outside the guy's doorway and taunted him about stealing his signal, I suppose that would be another matter. It is highly likely that this person did something to provoke his neighbor. If you knew how to track down a person stealing your wireless, it is unlikely that you would have an unsecured connection.
"While there are no statistics on how commonplace the practice of piggybacking unsecured home wireless networks is, networking firm Cisco System's spokesman, Mr Rayson Cheo, said it is probably quite widespread here."
Mr. Cheo, I have an Idea.
How about making those Linksys WRT54G routers, which can be found in every house including dog houses doll houses and outhouses, secure?
Why is it I can find an "unsecured wireless network" named "linksys" on any neighborhood street in America? And why would Cisco claim to be concerned with the matter - or are you simply more concerned with the matter that securing your boxes out-of-the-box would drive up support costs and drive down sales? (Rhetorical question.)
I have an ISP that allows me to share my service. I want to make it available to those around me.
How do I tell people it's free and available, without them connecting to me first?
I run a web site. I want customers to access it. How can I let people know it's free and open, without them connecting to me first (and potentially "tresspassing" in the process).
The answer to both is simple, and should be handled similarly to how physical property is handled. A front door is an invitation to tresspass, long enough to state your business (it has to be so, or you could never visit anyone). Trespass is when you extend your stay once you have been told to leave. With computer systems on publically accessible networks (internet), or publically accessable airways (wifi), the only sensible solution is to have a password or other authentication on things which shouldn't be public. When you get a big "Access Denied" message, it should be a hint that what you are accessing is considered private.
Do you really want to live in a world where you need prior written permission to visit a neighbor, visit slashdot, or use the wifi at starbucks?
Technically, functionally, you may be right. Morally and ethically might be a different question.
The main question is..."if it is unsecured, is that a specific invitation to use it?"
Morally and ethically, if I buy a yard decoration that has "Dulces Libres Aqui" painted on it, I don't then get to turn around and sue a bunch of hispanic kids for trespassing because I don't know Spanish. We wouldn't have a problem if judges understood that internet protocols they've never heard of like SSID and DHCP broadcasts are languages in which offers can be made, just like Spanish and just like protocols like HTTP they have heard of.
Seriously, if you don't don't trust those "technical, functional" protocols to grant you permission to use network resources, you just shouldn't use the internet at all. You've probably got written permission to use your ISP's routers; how much other "moral, ethical" permission do you have? Are you sure Slashdot's owners want you hitting their website? HTTP servers are configured to be open-by-default just like wireless routers, you know - perhaps Malda just never got around to disallowing your IP block. You could mail him a letter to ask, but that'll get pretty tedious if you have to do hunt down the owners of every computer that has only given you "technical, functional" permission to access it. At some point you just have to trust that when the network service says "please take this (web page|IP address|etc) you asked for", it's telling the truth.
Yes. An unsecured wireles access point is constantly sending out an invitation to every device nearby. It's broadcasting "Hey, I'm here, connect to me!" to every device nearby.
So yes, leaving a wireless access point unsecured means it's constantly and actively inviting everyone to connect to it. It's not just sitting there waiting for connections (like a HTTP server, for example), it's like a spammer sending e-mails with connection instructions to everyone nearby.
This is not an opinion. This is how the Wi-Fi protocol works. Leaving an access point unsecured means it's constantly sending invitations to connect to every device nearby. Maybe that's not what the owner meant, but it's what his actions (or inaction) amount to anyway. And I, for one, am starting to get a bit tired on having to walk on eggshells because some morons can't be bothered to RTFM.
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
Easy. I don't trust my neighbors not to download kiddie porn on my network. Maybe it's because there are registered sex offenders near me, maybe it's because I'm paranoid, but I like avoiding the FBI thank you.
When 42 guys in suits go walking, someone's gonna die.
:D
Once upon a time, Al "Scarface" Capone was arrested for tax evasion. But that isn't why he went to jail. '42 guys in suits' is the name of a song written about the accountants who were used to prove this case.
For someone to be arrested for such a small crime, his neighbor had to be annoyed to the point of calling the police (cause they don't go around looking for war drivers) and the police had to of had an interest in this guy for some other reason. (More or less, don't quote me on this)
So I would infer that this is not the case where someone was logging into an unsecured wireless broadcast, as people are complaining about. He probably hacked into his neighbor's wireless and refused to stop when his neighbor found out. Even at that point, the police probably wouldn't arrest him (do people get arrested for noise complaints?) I suspect he was also doing something illegal which he was masking using the wireless access, and the police did not have enough evidence to prove it was him. So they grabbed him using what they could.
Though the alternative is funny. One day Cedric's laptop which is turned on in his backpack connects to an unsecured wireless network as he is walking through the park. The SWAT team jumps out from the surrounding bushes and trees and throws him groundward at gunpoint. He is sentenced to one year hard labor at the local quarry and his laptop is confiscated. Sadly the locker which it is stored in is adjacent to a coffee shop with unsecured wireless, and thus Cedric's sentence increases to the point where the government decided to send him to the gallows. Cedric's will then bestows the laptop to his mother...
Please moderate parent informative. I am Singaporean, and most of the misconceptions about Singapore's infamously draconian laws are highly exaggerated. The Singapore Police Force relies more on the threat of such laws and the occasional example being made to ensure social order, rather than the actual enforcement of such laws. This has resulted in a population that is obedient, self-policing, and politically apathetic; every politician's wet dream.
If you can't bother to tell people that this is private (the moral equivalent of installing a fence with a gate), then yes, you are inviting everyone to use your router. I don't care to hear anyone bitching that it's too technical, either. A subliterate moron could figure this stuff out.
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
The neighbor knew how to check if someone is using his wireless network, but doesn't know how to secure it? An open wireless network is an invitation for anyone to use it.
Internet access through a wireless network that is probably connected to a ADSL modem has fixed costs. The guy really didn't lose anything. So he just doesn't want anyone else to benefit from something he has paid for.
The charged teenager is 17 years old. The neighbor could have told his parents what he was doing and they could have told him to stop or take away his computer...
Sounds like the neighbor wanted someone to use his network, so he could sue them.
In many jurisdictions, there is a "reasonable person" test that would probably apply here. Businesses don't have locked doors, and it's not trespassing for you to enter them without explicit permission. But the fact that there's a business name above the front door, and their front door is unlocked, is usually enough for one to assume that permission is implied.
A wireless access point that is *announcing* itself as being open could be considered implied permission to use it. Note that the access point doesn't just have a sign on it that says "open". It is actively beaconing its "openness" to solicit users. This is all defined as part of the 802.11 "contract" between computer systems, and just because some owners don't understand what they're doing when they set up an 802.11 access point doesn't mean it's unreasonable for others to assume they do.
Of course, when the owner of the access point tells someone to stop using it, that implied permission no longer exists, just like a business owner can tell someone to leave their store. You've been asked not to use it, so any continued use is legally actionable (though it still may not be illegal, depending on the laws in your area).
of someone's life, then it's worth spending some time to harden it in the first place.
Yes, what the guy did was wrong, yes he should be punished, but 3 years for the next best thing to entrapment?
If you reported your car stolen after leaving it unlocked with the engine running and the keys in the ignition in a bad part of town you'd be laughed out of the police station.
Stealing the car is still wrong, but surely you can't expect it not to be stolen under those circumstances. Doesn't that make it entrapment?
Why is it that the IT equivalent of exploiting such gross stupidity is demonized?
To add to this:
h tml
Singapore has a fledging homosexuality and just released a book about gay people living in Singapore, to great fanfare (there was a book signing at Borders on Orchard Road and LOTS of press about it)
Whilst Marijuana use isn't punishable by death, having a set amount (and this amount really is quite small); is considered ownership with intent to distrubute and is punishable by death. I spent my last two years of highschool in Singapore, and one of the students in my year level had to flee the country after being discovered by the school as having a 'death-sentence' quantity cannabis in his possession.
You are correct about the freedom of press, having said that, you can still write about race or religion as demonstrated by this hilarious and underappreciated book that deals with religions, race (malasya vs singapore for example), government censorship, etc: http://www.bigomagazine.com/theshop/books/skewme.
I visited relatives in Spore and switched on my WiFi PDA. I immediately got on line. Problem was I suddenly realised i wasn't using my relatives WiFi. I did some quick research and found 3 strong and one week network was available (all open for me). I had to go and ask my relatives which was their network. Basically houses and apartments in Spore are pretty close together. I would think the need is more to educate the people, who open up the networks, to make them difficult to enter, b4 prosecuting users. Of course we don't know the background to this incident and how much and for what prupose this person used the open network.
This is NOT breaking into someone else's airwaves. I am sorry, but if you send unsecured packets through the airspace in my home then I feel completely free to use them as I please. Either: a) use encryption or b) a low intensity signal. The supposed equivalent of breaking into someone's homes just because the door is locked is wrong, the correct analogy is someone leaving stuff inside your kitchen and you taking it...
Yes, I realize that sometimes people will accidently end up on an unsecured network that's not theirs -- but that's more like shooting the 4 year old who ends up playing 'doctor' with the 3 year old... He should get a firm talking-to, but throwing the 4-year old in jail for statutory rape is just a stupid as telling the 3 year old that it's all her fault.
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
If my house had a "Fastolfe's Widgets and More!" sign above it, and a reasonable person would think my home looks like a business. Bear in mind that in many older cities, buildings have been converted from homes and apartments into shops and businesses with little change in the appearance of the building. In these areas, it's the signs that make it clear.
That's just stealing, and you'd get in trouble for it even if my home were a legitimate business. When it's snowing outside and you walk into a store, you're "taking" their heat and shelter. They have to pay money to keep you warm and dry. Are you leeching off someone else's dollar? Let's assume you entered the store specifically for that reason, and you have no intention of shopping there. Even that isn't illegal, or even legally actionable by itself. They're free to ask you to leave, however, if/when they discover that you aren't a real customer.
The difference between someone leeching and someone making legitimate use of something legitimately shared rests entirely with the intent of the owner of the access point. Unfortunately, 802.11 does not distinguish between someone legitimately attempting to share their access point with little or no compensation, and an idiot plugging in an access point and bulldozing their way through every question/setting that prevents their wireless laptop from working, without reading the instructions or understanding the ramifications of their choices.
Think of a row house where someone puts a fake business sign on their door, and some fake "We accept Visa/MasterCard" stickers on the window, because they think it'd be funny. Do they have a right to call the cops on every person that walks through their front door thinking it's a business? A proper solution is to put up a sign that says "Not open to the public" or take down the signs that make it look like it is. In 802.11 terms, this means securing the access point.
This is a country where when the oposition is campaining they are sued for defamation if in their opinion a government official is not doing his job.
I leave it to you to guess how many cases has the oposition won.
IANAL but write like a drunk one.