Jailtime For Leeching Wireless?

jginspace writes "A 17-year-old from Singapore is is facing three years' jailtime for accessing his neighbor's wireless network. His neighbor complained and now the unfortunate Tan Jia Luo is facing charges under the computer misuse act and is scheduled to appear in court on Wednesday."

More info

More details at the local HardwareZone Forum:

Teen, 17, first to be charged with unauthorised wireless Net access

By Chua Hian Hou

A 17-YEAR-OLD polytechnic student has become the first person here to be charged with piggybacking on someone else's wireless Internet connection.

Garyl Tan Jia Luo was accused yesterday of using a laptop computer to gain unauthorised access to a home wireless network on May 13 this year.

If convicted, Tan faces up to three years in jail and fines of up to $10,000 under Section 6(1)(a) of the Computer Misuse Act.

Tan was released on $6,000 bail and is scheduled to appear at the Subordinate Courts on Wednesday.

Court documents did not describe the circumstances in which Tan was arrested, but The Straits Times understands that a neighbour near his Casuarina Walk home had lodged a complaint against him.

While there are no statistics on how commonplace the practice of piggybacking unsecured home wireless networks is, networking firm Cisco System's spokesman, Mr Rayson Cheo, said it is probably quite widespread here.

Most modern notebook computers and personal digital assistants (PDAs) have the ability to sniff out unsecured networks and hop online for free with just a few clicks.

There are numerous guides online that describe how to do this and the low cost of wireless networking equipment means that most HDB or condominium blocks have unprotected networks users can log on to.

Said Mr Cheo: 'People assume, wrongly, that since it is there, it is okay to use it.'

Mr Aloysius Cheang, the chairman of local infocomm security association, the Special Interest Group in Security and Information Integrity, said: 'Most people probably do it because it is convenient, or because they are cheap and want free Internet.

'But, for some, it is because they want to do something illegal like defaming someone or downloading pirated MP3s, and they don't want the activities traced back to their own network.'

In the online world, there are even special terms for it, like 'wardriving' and 'Wi-Fi mooching'.

The problem, said lawyer Bryan Tan, is that while most people know that mooching is not quite legitimate, they probably do not know that it can be treated as a serious offence.

'Blinkered by the convenience and allure of ?free Internet', people don't realise that mooching is the virtual equivalent of trespassing,' he added.

Likewise, many users do not seem to realise that they can block moochers simply by installing a password on their Internet connections.

For most users, the only indication they get that someone is mooching is when their connection speed slows down, though Mr Cheo said software tools are available for download that can track who is using a network and what they are doing on it.

While the case is the first of its kind here, there have been at least two similar arrests and convictions in the United States.

In some countries like Holland, Mr Tan added, Wi-Fi network owners can even be held liable by the courts for crimes committed on their unprotected networks.

chuahh@sph.com.sg

Re:More info

[Catbeller]

Home locks are pickable so that police and locksmiths can open them. Your home is accessible by law.

That said, radio devices are not homes, WEP is not a lock, and accessing a device which sole purpose by design is sharing access is not invading private property. Metaphors are not real. Radio is not "yours", ideas are not "yours". Such semantic confusion -- intentional confusion -- leads to things like 17 year old kids going to prison for a crime that only exists in the the minds of hornswoggled. The thing to look out for in the years ahead is the first execution of a person for "stealing" a metaphor. Probably going to happen a lot sooner than even I believe it will.

Re:More info

[cayenne8]

I've got an old scanner that picks up old analog cordless phones and cell phones....I heard some VERY interesting conversations..about sexual liasons...and couldn't believe how people would freely give out bank and other private/financial info over the insecure air.

That being said....with open wireless access points? Jail time? I mean, c'mon!! AS I posted on the story about 5-10 yrs. in prison for Dos attackers....let the sentence reflect the severity of the crime!!

Violent offenders can and do get off for less than 3 years!!!

If someone leaves an AP on and open...I think that is pretty much a free invite to join in...

And if not...well, for sure it isn't worth imprisoning someone 3 years!!

Re:More info

[kdemetter]

I think that is pretty much a free invite to join in

I agree . If someone doesn't wont you to use their wireless , there are many ways to prevent it .

It's even possible to use their wireless unintentionally . if the signal is strong enough , your computer may decide to use that one . So you can go to jail because your computer screwed you over .

Re:More info

[cgenman]

though Mr Cheo said software tools are available for download that can track who is using a network and what they are doing on it.

Yeah, it's called your router's software.

My old 802.11b wireless router died a few years back. I didn't have a laptop at the time, but my girlfriend did. It was literally 6 months before we noticed that her laptop wasn't connecting to our router, but rather a unsecured wireless router in the building. It was just automatically connecting to what's available.

This is not "stealing" network access, or "breaking in" to your house. This is a device, available for everyone nearby, which is constantly broadcasting packets saying quite literally "Hey, I'm here! Does anyone want to connect to me?" Your computer then says "Hey, I'm a laptop. This is my network card identification. Can I get on your network?" The router then says "Sure, hop on. I'll route your packets."

This is not someone coming to your house and attaching alligator clips to your phone line. This is YOUR router, working in YOUR stead, behaving exactly as YOU have configured it to. This is like a secretary whom you've told to let anyone into your building. If you can't be bothered to train the secretary in the simplest of fashions (and putting a password on a network isn't exactly rocket science), you shouldn't envoke the police when you find they have let random people into the building.

If you can't spend the ten fucking minutes to put a password on your network, you shouldn't waste the judicial system's time when people access it.

Re:More info

[FireFury03]

If someone leaves an AP on and open...I think that is pretty much a free invite to join in...

What I find most interesting is that an open accesspoint is actually broadcasting invitations - if accepting an invitation is considered illegal, how is accessing a web server legal? I mean, a web server doesn't broadcast it's presence so you have to actively try and connect.

How can I tell the difference between an accesspoint that is intentionally open and one that has been set up by an idiot? Should I assume that everyone's an idiot? The next time I want to go to the pub, am I to assume that the building I'm about to enter isn't really a pub and the "Bar" sign hanging outside the door was put there accidentally?

When you associate with an open network, it's not as if you're going down the road trying doors to see if they're open - you're actually getting invitations broadcast to you and many devices will connect without asking - are you responsible for your computer connecting to a random access point without asking you first?

My new cunning plan

[also-rr]

1. Don't take any of the many simple steps I could take to lock down my network despite the fact that many devices are designed to automatically lock onto any open wireless network.
2. Rename wireless network free help yourself.
3. Insist that charges are pressed against my neighbours.
4. Buy their houses at low low prices and use the space for an indoor pool and a bowling alley.

Pretty open and shut

[Zerbey]

Putting aside the fact that running an unsecured network should also be a punishable offence in this day and age, the kid was still in the wrong. Just because you can break into a network does not give you the right to do so. The question is whether or not he did it on purpose or if it was just another stupid Windows box attaching to the nearest open wireless access point (I've lost count of the number of times I've accidentally attached to my neighbour's WAP [1] ... telling Windows not too is like pulling teeth).

I just hope the conviction isn't too harsh. A fine would be more appropriate than jail time.

[1] And yes, I have told him to fix it. Even did the neighbourly thing and secured his network for for him. The following day he removed my configuration because "he didn't like entering a password". He'll learn the hard way eventually.

Re:Pretty open and shut

[Hizonner]

You know what? Fuck you.

I will be continuing to run my intentionally "unsecured" wireless network.

How come every random carrier gets to run a wireless network that anybody can use for $10/hour (and, yes, that can be paid anonymously in cash), but I should be punished if I choose to do the same thing for free? For that matter, how come the backbone ISPs get to carry traffic for everybody, everywhere, without asking any questions, but I shouldn't? How come (I suspect you think) they're not responsible for what their users do, but I am?

If you don't like freedom of communication, then get off the Internet.

... and I'm sorry you can't learn to configure your computer properly. Sucks to be you, I guess.

Oh, and the kid was in the wrong only if he was somehow on notice that the network wasn't intended to be public. Otherwise my right to run an open network would be compromised.

Re:Pretty open and shut

[slashbob22]

How come every random carrier gets to run a wireless network that anybody can use for $10/hour (and, yes, that can be paid anonymously in cash), but I should be punished if I choose to do the same thing for free? For that matter, how come the backbone ISPs get to carry traffic for everybody, everywhere, without asking any questions, but I shouldn't?

I think if you consult the License agreement for your ISP, you will find that you are not permitted to effectively become another Tier 2/3 ISP. Even at "free" you are still buying IP transit from another ISP and providing it to others.

For that matter, how come the backbone ISPs get to carry traffic for everybody, everywhere, without asking any questions, but I shouldn't?

For the same reason, you are the one signing the LA and because you are not an ISP, it is assumed that all traffic originating from you is yours/under your control. Certain liability has been waived from ISPs in regards to content because they are merely "keepers of the pipe" and have little influence on what goes through them - you do not fall into that category.

This is what I understand, but the obvious caveat to this is IANAL.

Re:Pretty open and shut

[Hizonner]

I think that you will find you are wrong. My ISP explicitly permits and encourages me to run a wireless network, which I may run as either paid or open. The agreements are in order all the way up the chain.

And it's a service agreement, by the way, not a license agreement.

Re:Pretty open and shut

[Hizonner]

I'm sorry; I missed the second part.

In fact, I am just the "keeper of the pipe" in the same way that my upstream ISP is. I AM a service provider for my wireless users, and all the protections applied to service providers apply to me. I have as much legal right, and certainly as much moral right, to act as a service provider as does any large, for-profit corporate entity.

The basic moral truth here is that I have an absolute right to provide any communication service I want to anybody. Where I am, the law doesn't forbid that right now. Changing or reinterpreting the law to forbid it, or to make it impractical by loading on a lot of stupid administrative and data retention requirements, would be evil and illegitimate.

open on purpose or not?

[magarity]

The problem is that while some people are clueless and don't secure their wireless, other people have a sharing nature and leave theirs open on purpose. How the heck do you tell the difference?

There's a saying...

[bnavarro]

"The Punishment Does Not Fit The Crime"

My understanding is that Singapore's punishment for littering, vandalism, drugs, and most everything else, is far more severe than most liberal democracies would tolerate. It is NOT surprising, therefore, that he is facing 3 years / $10,000 fine in Singapore, whereas in a western country he would likely face < 1 year + < $3,000 fine for a first offence of a crime of this nature, unless he was caught using the wireless access to do something else illicit, like download child pornography.

Singapore is a police state. It is not a liberal democracy. It is unfortunate that he is facing such a harsh sentice for such a minor crime, but it should not be unexpected in an unfree country such as this.

Not to end on a trollish note, but honestly, if you believe that caning and a lengthy prison sentence is a fair and just punishment for spraypainting a wall, then I would suggest you try living in a country that practices such harsh punishments, and see how long you like it there.

Re:This is absolutely right. -- Is it?

[Hizonner]

The user agreement for virtually all ISPs does not allow their users to share their internet connection wirelessly, no matter how generous your neighbors feel.

False. Yes, most consumer ISP service agreements forbid this. There are significant exceptions. And almost any ISP that has any non-consumer operations will sell you a connection that you can share if you're willing to give them enough money. I have a "legal" open wireless network, with the permission of my ISP, and so do lots of other people. There is no reason my users should assume my network isn't legitimate.

If you leave a network wide open, you are doing the only thing you can to invite people to use it. Absent information to the contrary, there's no reason it should be forbidden to assume the good faith of such an invitation. If your ISP service agreement doesn't permit you to share the bandwidth, then you need to close down the network, or somehow put people on notice that they can't use it. Only you, not the users, are in the wrong if you don't.

Re:remember, this is SINGAPORE

[tsm_sf]

Uh, an open AP is literally an invitation. Nobody is hacking your wirez, you are actually broadcasting the availability of a service. Another great example of getting pissed off at someone else because you didn't read the damn manual. It's a FIVE PAGE BOOKLET. It HAS PICTURES. They literally DREW A PICTURE FOR YOU.

Re:This is absolutely right. -- Is it?

[Hizonner]

So, I assume that you call the operator of every Web server and get permission before you connect to it, right?

No. You don't. You don't because setting up a Web server, and not doing anything to restrict access to it, implicitly authorizes people to use it, at least in any "normal" way.

You also don't look around for an "OK to drink" sign before you use a public drinking fountain. Not even when that fountain is on private property. Also, by the way, you don't go around inquiring whether the drinking fountain operator has an agreement with the water company that permits her to give away the water. You just drink the damned water.

We're talking about what norms should be established in a relatively new case. I claim that the norms should be consistent (meaning that the same norms that apply to T-Mobile should apply to me), that they should be practical (meaning that there's a reasonable way to have an open network and an reasonable way to have a closed one), and that they should comport with the way the installed technology behaves (meaning that, since the default configuration of practically every computer is to connect with any available open network, that behavior should be expected).

The people who want closed networks already have methods available to them. It's trivial to mark a network as not being available-- don't beacon the SSID, or turn on MAC filtering, or turn on authentication or encryption. Those are simple, reasonable ways of marking the network as closed, and they work within the technological framework. Asking me to talk to every user or post a sign goes outside the technological framework and is an unreasonable burden.

Re:remember, this is SINGAPORE

[linuxmop]

Although Singapore's laws are somewhat draconian in areas, you are exaggerating:

• Homosexuality is NOT punishable by death. Apparently it is punishable with life imprisonment, but I get the impression (via Wikipedia) that this is not often done.
• Marijuana USE is NOT punishable by death. However, drug trafficking is punishable by death, and you can be convicted of drug trafficking by carrying a large amount of drugs.
• Yes, there are some restrictions on freedom of the press (e.g. you can't publicly write about religion or race, apparently), but not all media is state-controlled.

Re:remember, this is SINGAPORE

[ultranova]

Technically, functionally, you may be right. Morally and ethically might be a different question. The main question is..."if it is unsecured, is that a specific invitation to use it?"

Yes. An unsecured wireles access point is constantly sending out an invitation to every device nearby. It's broadcasting "Hey, I'm here, connect to me!" to every device nearby.

So yes, leaving a wireless access point unsecured means it's constantly and actively inviting everyone to connect to it. It's not just sitting there waiting for connections (like a HTTP server, for example), it's like a spammer sending e-mails with connection instructions to everyone nearby.

Personally I say no. You and others may have a different opinion.

This is not an opinion. This is how the Wi-Fi protocol works. Leaving an access point unsecured means it's constantly sending invitations to connect to every device nearby. Maybe that's not what the owner meant, but it's what his actions (or inaction) amount to anyway. And I, for one, am starting to get a bit tired on having to walk on eggshells because some morons can't be bothered to RTFM.

Re:Nope

[Slimcea]

How the fuck this got modded Informative I have no idea, but here are the firsthand facts from someone living there - water wastage is indeed illegal, but the context in which it is applied has always been towards wanton wastage of public water for non-constructive purposes. Private usage of water has never been regulated - you're free to do exactly what you want with the water flowing out of your taps; just be expected to pay for it. On the other hand, public water (aka those from public taps) wastage is regulated, and there should is no reason why it shouldn't be. While washing your cars with water from public taps or using them to fill up water guns for a friendly water fight has and will always be fine, there should be no reason to allow people to use up a swimming pool's worth of water just to clean a dirty windscreen.

As for the gum and the subway issue, I don't know where you live, but over here, automation means the lack of human oversight, so to err on safety is always better for commuters. I sure as hell wouldn't want to be flung out of a high speed train onto a set of electric rails just because they decided that hey, a door that won't shut isn't as important as sticking to the schedule. As a citizen and frequent user of said train system, despite what was reported, gum pretty much affected the running of the trains. What gum certainly was though was a public nuisance that stuck to your shoes or pants if you were unlucky enough. I'll concede that I don't think the magnitude of the problem back then was large enough to warrant a complete ban.

In any case, you clearly have no idea of what you're talking about. Gum was banned in 1992, and your other posts on kids and drugs (categorically false BTW) makes it abundantly clear that (a) you've never stepped foot in Singapore (b) you have no idea what is going on in Singapore.

Re:remember, this is SINGAPORE

[Fulcrum+of+Evil]

If you can't bother to tell people that this is private (the moral equivalent of installing a fence with a gate), then yes, you are inviting everyone to use your router. I don't care to hear anyone bitching that it's too technical, either. A subliterate moron could figure this stuff out.

Its a trap?!

The neighbor knew how to check if someone is using his wireless network, but doesn't know how to secure it? An open wireless network is an invitation for anyone to use it.

Internet access through a wireless network that is probably connected to a ADSL modem has fixed costs. The guy really didn't lose anything. So he just doesn't want anyone else to benefit from something he has paid for.

The charged teenager is 17 years old. The neighbor could have told his parents what he was doing and they could have told him to stop or take away his computer...

Sounds like the neighbor wanted someone to use his network, so he could sue them.