Slashdot Mirror
Jailtime For Leeching Wireless?
jginspace writes "A 17-year-old from Singapore is is facing three years' jailtime for accessing his neighbor's wireless network.
His neighbor complained and now the unfortunate Tan Jia Luo is facing charges under the computer misuse act and is scheduled to appear in court on Wednesday."
More details at the local HardwareZone Forum:
Teen, 17, first to be charged with unauthorised wireless Net access
By Chua Hian Hou
A 17-YEAR-OLD polytechnic student has become the first person here to be charged with piggybacking on someone else's wireless Internet connection.
Garyl Tan Jia Luo was accused yesterday of using a laptop computer to gain unauthorised access to a home wireless network on May 13 this year.
If convicted, Tan faces up to three years in jail and fines of up to $10,000 under Section 6(1)(a) of the Computer Misuse Act.
Tan was released on $6,000 bail and is scheduled to appear at the Subordinate Courts on Wednesday.
Court documents did not describe the circumstances in which Tan was arrested, but The Straits Times understands that a neighbour near his Casuarina Walk home had lodged a complaint against him.
While there are no statistics on how commonplace the practice of piggybacking unsecured home wireless networks is, networking firm Cisco System's spokesman, Mr Rayson Cheo, said it is probably quite widespread here.
Most modern notebook computers and personal digital assistants (PDAs) have the ability to sniff out unsecured networks and hop online for free with just a few clicks.
There are numerous guides online that describe how to do this and the low cost of wireless networking equipment means that most HDB or condominium blocks have unprotected networks users can log on to.
Said Mr Cheo: 'People assume, wrongly, that since it is there, it is okay to use it.'
Mr Aloysius Cheang, the chairman of local infocomm security association, the Special Interest Group in Security and Information Integrity, said: 'Most people probably do it because it is convenient, or because they are cheap and want free Internet.
'But, for some, it is because they want to do something illegal like defaming someone or downloading pirated MP3s, and they don't want the activities traced back to their own network.'
In the online world, there are even special terms for it, like 'wardriving' and 'Wi-Fi mooching'.
The problem, said lawyer Bryan Tan, is that while most people know that mooching is not quite legitimate, they probably do not know that it can be treated as a serious offence.
'Blinkered by the convenience and allure of ?free Internet', people don't realise that mooching is the virtual equivalent of trespassing,' he added.
Likewise, many users do not seem to realise that they can block moochers simply by installing a password on their Internet connections.
For most users, the only indication they get that someone is mooching is when their connection speed slows down, though Mr Cheo said software tools are available for download that can track who is using a network and what they are doing on it.
While the case is the first of its kind here, there have been at least two similar arrests and convictions in the United States.
In some countries like Holland, Mr Tan added, Wi-Fi network owners can even be held liable by the courts for crimes committed on their unprotected networks.
chuahh@sph.com.sg
1. Don't take any of the many simple steps I could take to lock down my network despite the fact that many devices are designed to automatically lock onto any open wireless network.
2. Rename wireless network free help yourself.
3. Insist that charges are pressed against my neighbours.
4. Buy their houses at low low prices and use the space for an indoor pool and a bowling alley.
Think of the Children; Sleep with your Sister
Putting aside the fact that running an unsecured network should also be a punishable offence in this day and age, the kid was still in the wrong. Just because you can break into a network does not give you the right to do so. The question is whether or not he did it on purpose or if it was just another stupid Windows box attaching to the nearest open wireless access point (I've lost count of the number of times I've accidentally attached to my neighbour's WAP [1] ... telling Windows not too is like pulling teeth).
I just hope the conviction isn't too harsh. A fine would be more appropriate than jail time.
[1] And yes, I have told him to fix it. Even did the neighbourly thing and secured his network for for him. The following day he removed my configuration because "he didn't like entering a password". He'll learn the hard way eventually.
The problem is that while some people are clueless and don't secure their wireless, other people have a sharing nature and leave theirs open on purpose. How the heck do you tell the difference?
"The Punishment Does Not Fit The Crime"
My understanding is that Singapore's punishment for littering, vandalism, drugs, and most everything else, is far more severe than most liberal democracies would tolerate. It is NOT surprising, therefore, that he is facing 3 years / $10,000 fine in Singapore, whereas in a western country he would likely face < 1 year + < $3,000 fine for a first offence of a crime of this nature, unless he was caught using the wireless access to do something else illicit, like download child pornography.
Singapore is a police state. It is not a liberal democracy. It is unfortunate that he is facing such a harsh sentice for such a minor crime, but it should not be unexpected in an unfree country such as this.
Not to end on a trollish note, but honestly, if you believe that caning and a lengthy prison sentence is a fair and just punishment for spraypainting a wall, then I would suggest you try living in a country that practices such harsh punishments, and see how long you like it there.
What was really funny is that Singapore has laws against wasting water, but then they also have laws requiring you to flush the tiolet in public places. So people got all scared that it was illegal to poop, because if they flushed they could be fined for wasting water and if the didn't they could be fined for not flushing. Of course, they couldn't complain about this problem because it would embarass the government and bring penalities upon them too, so to my knowledge it is still technically illegal to poop to this day, unless they made added an extension for a signle flush.
.... yeah whatever)
Also, I renember discussing with people when gum was banned in 89 (? I think). Contrary to myth, it wasn't to keep the sidewalks clean. It was because they engineered their subway system so poorly and so stupidly, that if you blocked one door - that none of the other doors would work and the whole freakin system would shut down. It wasn't long before kids discovered that all they gotta do is stuff their gum in the door on the way out, so then the doors couldn't shut, the subway couldn't move, and the whole freaking system would go out of service. So basically it was a stupid law to hide the faults of a stupid system. If that is the perfect description of Singapore then I don't know what is. (Singapore inc. as they call themselves
To all of you that say he wasn't doing anything malicious: how do you know? And are you using your definition of malicious or the owner of the WAP? If my connection was open(it's not) and someone wanted to check their email, I wouldn't mind. Someone else might. However, probably everyone would mind if someone slammed their connection with torrent traffic 24/7. It might be all "legal" traffic, but it would still be damnned annoying, and malicious in my book.
The only real solution I see to this is to secure ALL wireless networks out of the box. It would keep windows from auto-attaching, and would make anyone logging into one liable if someone complained. The argument "well I didn't know I wasn't supposed to be there" goes right out the window. Then, if you decide to unlock your network, everyone knows that you meant to, and not that you're some fool that said "I want a wireless network! yay!" without knowing what that really means.
False. Yes, most consumer ISP service agreements forbid this. There are significant exceptions. And almost any ISP that has any non-consumer operations will sell you a connection that you can share if you're willing to give them enough money. I have a "legal" open wireless network, with the permission of my ISP, and so do lots of other people. There is no reason my users should assume my network isn't legitimate.
If you leave a network wide open, you are doing the only thing you can to invite people to use it. Absent information to the contrary, there's no reason it should be forbidden to assume the good faith of such an invitation. If your ISP service agreement doesn't permit you to share the bandwidth, then you need to close down the network, or somehow put people on notice that they can't use it. Only you, not the users, are in the wrong if you don't.
Uh, an open AP is literally an invitation. Nobody is hacking your wirez, you are actually broadcasting the availability of a service. Another great example of getting pissed off at someone else because you didn't read the damn manual. It's a FIVE PAGE BOOKLET. It HAS PICTURES. They literally DREW A PICTURE FOR YOU.
Literalism isn't a form of humor, it's you being irritating.
So, I assume that you call the operator of every Web server and get permission before you connect to it, right?
No. You don't. You don't because setting up a Web server, and not doing anything to restrict access to it, implicitly authorizes people to use it, at least in any "normal" way.
You also don't look around for an "OK to drink" sign before you use a public drinking fountain. Not even when that fountain is on private property. Also, by the way, you don't go around inquiring whether the drinking fountain operator has an agreement with the water company that permits her to give away the water. You just drink the damned water.
We're talking about what norms should be established in a relatively new case. I claim that the norms should be consistent (meaning that the same norms that apply to T-Mobile should apply to me), that they should be practical (meaning that there's a reasonable way to have an open network and an reasonable way to have a closed one), and that they should comport with the way the installed technology behaves (meaning that, since the default configuration of practically every computer is to connect with any available open network, that behavior should be expected).
The people who want closed networks already have methods available to them. It's trivial to mark a network as not being available-- don't beacon the SSID, or turn on MAC filtering, or turn on authentication or encryption. Those are simple, reasonable ways of marking the network as closed, and they work within the technological framework. Asking me to talk to every user or post a sign goes outside the technological framework and is an unreasonable burden.
I have an ISP that allows me to share my service. I want to make it available to those around me.
How do I tell people it's free and available, without them connecting to me first?
I run a web site. I want customers to access it. How can I let people know it's free and open, without them connecting to me first (and potentially "tresspassing" in the process).
The answer to both is simple, and should be handled similarly to how physical property is handled. A front door is an invitation to tresspass, long enough to state your business (it has to be so, or you could never visit anyone). Trespass is when you extend your stay once you have been told to leave. With computer systems on publically accessible networks (internet), or publically accessable airways (wifi), the only sensible solution is to have a password or other authentication on things which shouldn't be public. When you get a big "Access Denied" message, it should be a hint that what you are accessing is considered private.
Do you really want to live in a world where you need prior written permission to visit a neighbor, visit slashdot, or use the wifi at starbucks?
Yes. An unsecured wireles access point is constantly sending out an invitation to every device nearby. It's broadcasting "Hey, I'm here, connect to me!" to every device nearby.
So yes, leaving a wireless access point unsecured means it's constantly and actively inviting everyone to connect to it. It's not just sitting there waiting for connections (like a HTTP server, for example), it's like a spammer sending e-mails with connection instructions to everyone nearby.
This is not an opinion. This is how the Wi-Fi protocol works. Leaving an access point unsecured means it's constantly sending invitations to connect to every device nearby. Maybe that's not what the owner meant, but it's what his actions (or inaction) amount to anyway. And I, for one, am starting to get a bit tired on having to walk on eggshells because some morons can't be bothered to RTFM.
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
If you can't bother to tell people that this is private (the moral equivalent of installing a fence with a gate), then yes, you are inviting everyone to use your router. I don't care to hear anyone bitching that it's too technical, either. A subliterate moron could figure this stuff out.
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
The neighbor knew how to check if someone is using his wireless network, but doesn't know how to secure it? An open wireless network is an invitation for anyone to use it.
Internet access through a wireless network that is probably connected to a ADSL modem has fixed costs. The guy really didn't lose anything. So he just doesn't want anyone else to benefit from something he has paid for.
The charged teenager is 17 years old. The neighbor could have told his parents what he was doing and they could have told him to stop or take away his computer...
Sounds like the neighbor wanted someone to use his network, so he could sue them.
In many jurisdictions, there is a "reasonable person" test that would probably apply here. Businesses don't have locked doors, and it's not trespassing for you to enter them without explicit permission. But the fact that there's a business name above the front door, and their front door is unlocked, is usually enough for one to assume that permission is implied.
A wireless access point that is *announcing* itself as being open could be considered implied permission to use it. Note that the access point doesn't just have a sign on it that says "open". It is actively beaconing its "openness" to solicit users. This is all defined as part of the 802.11 "contract" between computer systems, and just because some owners don't understand what they're doing when they set up an 802.11 access point doesn't mean it's unreasonable for others to assume they do.
Of course, when the owner of the access point tells someone to stop using it, that implied permission no longer exists, just like a business owner can tell someone to leave their store. You've been asked not to use it, so any continued use is legally actionable (though it still may not be illegal, depending on the laws in your area).