Some 12% of Consumers 'Borrow' Unsecured Wi-Fi

alphadogg writes "Despite the fact that it's often considered an illegal act, a sizeable percentage of the UK/US internet-using population 'borrows' unsecured Wi-Fi access. This is according to a study conducted by the group Accenture. 'The Accenture study found that computer users are still engaging in some unsafe computing practices. Nearly half of all respondents said that they used the same password for all of their online accounts, and only a quarter of them have ever encrypted files on their computers.'" My guess is the actual figure is higher than that.

news..

[thermian]

This just in:
People on the internet 'steal' stuff they should pay for.

Re:news..

Why can't I use a negligible amount of bandwidth when you are not using it?

Re:news..

Why can't I use a negligible amount of bandwidth when you are not using it? The same reason you can't use my car when I'm not using it. I pay for it and I don't want to share with strangers.

Maybe that sounds selfish, but it doesn't matter. If you can't afford your own connection - tough. The internet is a luxury, not an entitlement.

Re:news..

[wattrlz]

Same reason I shouldn't use a negligible amount of your money, house, girlfriend, or other stuff when you're not using it.

Re:news..

[drsmithy]

Why can't I use a negligible amount of bandwidth when you are not using it?

Because you have no way of knowing whether or not a) it's a negligible amount of bandwidth and b) I'm using it.

Re:news..

[Constantine+XVI]

Actually, a lot of routers (mine, Buffalo WHR-HP-G54 running DD-WRT) can tell you exactly both of those things, and prevent them.

Re:news..

[B'Trey]

No problem. Don't park your car on the street with the keys in it and with someone standing there offering to open the door to passer-bys who want to go for a ride. If your wireless connection is unsecured and offers DHCP configuration to anyone who wants to join, it's an open invitation. Basic security and MAC filtering are easy to configure. They won't stop a determined or knowledgable hacker, but that isn't the point. Anyone who's hacking in knows they're intruding where they aren't wanted and are committing an illegal act. But if you leave it wide open and the welcome mat out, then don't be surprised if someone makes use of your network.

Re:news..

[dtzitz]

Go ahead. I leave my wi-fi open for that very reason. I may get burned one day or I may change my posture before that. When I want security on the web I may switch over to my Linux partition and make sure the site I am using SSL but for playing games and browsing /. I am happy to let my neighbor use some of my bandwidth. Additionally there is software to authorize users once they have paid for access but that brings with it another host of issues.

Re:news..

[roggg]

Same reason I shouldn't use a negligible amount of your money, house, girlfriend, or other stuff when you're not using it.

Most of my stuff is either consumable (my money), or incurs "wear and tear" as a result of use meaning either increased maintenance costs, or a shorter usable life span. Bandwidth has none of these problems. It's more like if you leave your TV on, and your curtains open, and I watch through the window. It may annoy you, but it's not putting you out any.

Using my "stuff" legitimately deprives me of something of value. Routing your bits through my access point when I'm not using it deprives me of nothing.

Re:news..

[AlterRNow]

The key difference being that those are all tangible items which suffer from a detrimental effect when they are used ( wear and tear, decrease in amount etc. ) while bandwidth is not tangible and does not suffer a detrimental effect. In other words, someone using your car costs you money, someone using your bandwidth costs you nothing ( monetary anyway, please note my last point in this post )

If everyone/most people shared their wireless, the ability to access the internet from anywhere would increase substantially. Yes, there would be free-loaders and there probably always will be but that shouldn't stop us from trying to make something better in my opinion.

Though I don't use Wi-Fi, if I did, my main reason for having it secured would be that if someone used my connection to do something illegal, I am not confident it would not be me that gets blamed.

Re:news..

[SatanicPuppy]

Horseshit.

If I left my money, house, or girlfriend available on your property, I wouldn't really feel like I could complain if you helped yourself...That's what these people are doing. If I have a neighbor whose signal is strong enough to cause interference on my equipment, I feel no qualms about using his service.

If the WAP isn't even trivially secured, then that's an open invitation, same as having an FM radio signal crossing my property is an open invitation to monitor it. If you don't want other people to use it, don't leave it wide open.

Re:news..

[electrictroy]

Internet access only costs $7 a month (Netscape). It's hardly necessary to steal it from your neighbors. To me stealing Wi-Fi is a bit like stealing a pizza out of somebody's grocery bag. Silly.

No.

Like the security manager at my old JCPenney store used to say, "Shoplifting is stupid. If you're going to steal, go for the really big rewards, like an armored truck filled with cash. Don't waste your time on small stuff; it's not worth the risk."

He's right.

Re:news..

Bullshit.

Wireless networking is now a consumer device. Meaning, someone NOT in IT and with little knowledge is going to buy those items. If they're not already, those devices should come locked down so much that the user will have to follow a wizard or (gasp) read the manual; which let's be realistic here, very few folks do.

Should they completely understand their equipment? I don't know. But when I go into a computer store and routers and access points are stacked like soup and the box saying that it's easy to hook up - just plug and play - I think shrugging your shoulders and saying it the user's fault and therefore it makes it perfectly fine to steal bandwidth is complete horseshit. So, if you installed your lock on your front door incorrectly, leaving the packaging in clear view on your porch, it should be fine to walk into your house?

Re:news..

[AlterRNow]

Note to self:
Don't forget wallet at this persons house or let my girlfriend visit it alone.

:)

Re:news..

[alittlespice]

This is akin to someone leaving an outdoor tap running, and another person walking by with an empty glass and filling it up. You're not using the water (bandwidth), it's running (not being stored), so you're paying the same cost either way.

With a car, it costs the owner something, wear and tear, gas etc if someone borrows it. Not to mention that two people can't drive the car at the same time, but two people can surf at the same time. With wifi, there is no additional cost (unless the person abuses the link but that's not what we're talking about).

Re:news..

[xaxa]

A better example:

A relative of mine used to own a house very close to a beach, with a tap on the outside. Sometimes people would rinse their feet using the water on their way back to their car, or just take water to cool drinks, I don't think anyone ever had a problem with this.

Re:news..

[Hoi+Polloi]

I lost my original reply when my neighbor turned off his wi-fi router. Some people are so rude.

Re:news..

[spookymonster]

Why can't I live in the parts of your house you're not using?

Re:news..

[Naughty+Bob]

To me stealing Wi-Fi is a bit like stealing a pizza out of somebody's grocery bag. Silly. Stealing Wi-Fi is not just silly, it's pointless.

I don't know what it's like where you live, but wherever I need to use wireless, I just use that free and ubiquitous 'Belkin 54g' network.

Re:news..

[rotide]

The other side to this is, out of these 12% of consumers who are "stealing" it, what portion KNOW they aren't connected to their own network?

The ironic part is, I bet a good deal of them DO pay for it but don't use it because their laptop/etc either automagically connected to their neighbors, or they didn't realize that they chose the wrong network when they set their computer up on the network.

Re:news..

[SatanicPuppy]

The real issue with a WAP is that it is constantly inviting people to use it! It's broadcasting, offering to automatically set you up!

If someone just dropped off money, or a house, or a member of the preferred sex that fit your need, and that was eager to fill that need, what grounds for complaint could there be?

Re:news..

[Austerity+Empowers]

It's only a problem if your neighbor presses charges.

there are some lame criminal laws out there, which probably wouldn't stick.

Re:news..

[phoomp]

This also in: some people/companies intentionally open up their wireless connection for public use.

Re:news..

[JebusIsLord]

The thing is, I don't feel bad about stealing their bandwidth any more than they probably care that I'm doing it. The parties being stolen from here are the ISPs. They're the ones in a panic.

Back around 2000, I worked at a high-speed company who was trying to crack down on connection sharing WITHIN the home. They wanted to charge for one modem per PC!

Re:news..

[vux984]

This is akin to someone leaving an outdoor tap running, and another person walking by with an empty glass and filling it up. You're not using the water (bandwidth), it's running (not being stored), so you're paying the same cost either way.

For now maybe. But we'll probably eventually have bandwidth the same way we get cellphone minutes in a multitude of complex connection plans...

pay-as-you-go
x upload y download cap
x upload, unlimited incoming, free evenings and weekends after 9pm, free bandwidth on your birthday
x upload, y download, unlimited from itunes music store, youtube, and your fave-five sites
etc...

When that happens using someone elses bandwidth will be depriving them of something/ costing them something. I think its going to happen eventually. I think it has to.

Additionally, there is the exposure to hassles from the likes of the RIAA, the police, etc, if you use 'borrowed' internet for something that gets their attention. Even if they are innocent, and even if its a certaint they will be cleared of all charges - its STILL a hassle, and potentially a costly one.

Re:news..

Stop with annonlogies. They aren't needed here, and yours are insufficent to descirbe what is going on.

WiFi and bandwidth that are unsecured entering my property I must assume was left open and unsecured just for that reason, to be open and unsecured. I know lots of my peers intentionally have open networks.

Remember, these access points advertise themselves as being open, hardware cards default to connect to the strongest open network and it's trivial to click "secure wireless" or other such option on the router. There is no reason to believe that people sharing their bandwidth are doing so out of neglect.

If you really want an analogy...

Your router is sending singlal onto my property like water from a sprinkler set to close to the property line. If I see your hose out there sprinkling my lawn anyway, and I happen to move my potted plants to the edge of lawn to catch the wasted water your pouring on my lawn without my permission (and without moving/adjusting your hose), should I be considered a water thief?

Or, to use one of yours... If your girlfriend began telling everyone that she was single (open), and looking to make a connection. Can you fault another guy who didn't know she was taken for completing the transaction? No, you'd fault the girl for being too lose (the router) and you'd fault yourself for your choice of girl (your choice not to secure your wireless, and not have it advertise itself as being open).

Re:news..

[teh+kurisu]

...someone using your bandwidth costs you nothing...

Unless you're broadband package has usage caps (which, if you include 'fair usage policies', applies to most). Excessive bandwidth usage would eventually have a detrimental effect, due to ISP sanctions such as speed throttling or charges for out-of-package downloads.

Re:news..

But how is it even stealing? You're using unused bits that for the most part they don't have to pay for. Unless you have a severely metered ISP, your bill is going to be the same whether I get to check my email on the road or not. If I'm not depriving you of anything, it is not remotely stealing. Not even sketchy RIAA math of depriving potential sales being 'stealing', as frankly if you wanted to use your internet connection while someone else was connected through it, you'd hardly notice. If its the type of user you describe who doesn't know how wireless internet works, they're probably not the type of user to notice their 6megabit connection becoming a 4megabit connection for a few seconds as I load a webpage.

If you're talking to your friend outside about how awful a movie you just saw was and I overheard, did I just steal your movie review service?

And for the record, I run an open wireless network at home. I don't even have wireless devices other than a nintendo DS I never use. It would just be a dick move not to.

Re:news..

[billcopc]

This knee-jerk debate always comes down to one thing: broadcasting.

If you leave your front door unlocked, you're probably not standing on the porch yelling "Free house, come and get it!" and handing out name tags. If you do, then you can't turn around and claim the guests were trespassing.

If you install an unsecured Wi-Fi gateway with DHCP, the device is yelling to everyone within 100 meters "Free network, come on in" and handing out IP addresses to any takers. It is _YOUR_ responsibility for leaving it open.

The argument against locking routers down by default, is that it's too complicated for the user. Bullshit! People use locks and keys all the time for their home, car, office, filing cabinet, safe deposit box... all things of value they wouldn't want to have stolen. How is your private, personal network any different ? If you don't want people poking around your shared files and internet access, then put a freakin' lock on the thing.

I have no pity for people who fail at common sense. Just because it plugs in the wall doesn't give you an excuse to be stupid.

Re:news..

[spookymonster]

This is akin to someone leaving an outdoor tap running, and another person walking by with an empty glass and filling it up. You're not using the water (bandwidth), it's running (not being stored), so you're paying the same cost either way. Close, but no cigar. There are 3 key differences:
1) The tap is closed when you find it - it's not 'splashing' internet on everyone standing next to it: you have to turn the spigot on (DHCP connect) before getting 'wet'

2) Homeowners pay for water, just like they pay for internet. In fact, in my town, I pay a varied amount depending on how much water I've consumed. So your taking water from me increases my cost, just like if you took bandwidth from me and I had a usage cap.

3) A 'cup of bandwidth' sounds nice and harmless... but what about a 'swimming pool full'? What if you're using all that water to do something illegal... does that make me somehow culpable?

With wifi, there is no additional cost (unless the person abuses the link but that's not what we're talking about). We're not? I don't remember anyone omitting abusive and/or illegal use from the conversation...

Re:news..

[mini+me]

In the real world the assumption is that you do not touch someone else's property without permission. However, on the internet the reverse is true. It's assumed that you have permission unless the information uses some type of access control protection.

Should I be required to get consent from VA Linux before I try to access Slashdot? Of course not. So why should I be required to do it when it's my neighbour?

Re:news..

[Belial6]

"Why can't I live in the parts of your house you're not using?"

Because I lock more doors, and I do not have a sign on the front of my house saying "Come on in and use my house". If I left my doors unlocked, and did have a sign out front inviting you in, you would not be able to find a cop that was willing to make an arrest.

Re:news..

I really don't like this analogy because we all know the "keys in the car" bit would still be stealing. This is really a lot more like having a butler answering the door to your house and instead of turning people away he invites everyone in for tea. Only problem is you never told him to turn people away. Are all the folks in your sitting room drinking tea really stealing it? Your unsecured router is giving explicit permission (on your behalf) to anyone who asks to join your network.

Re:news..

[mini+me]

If I attached an awning to my home that happened to extend out over your property, I'd be more than happy to let you sit under it.

Re:news..

[jimbob666]

Yes, you would be blamed.

Problem with this approach is that you are responsible for your network and equipment. If someone was browsing illegal sites and downloading questionable files from your connection then expect a visit from the authorities.

And what about all the personal details you have on your PC/Laptop? You don't mind credit card numbers, personal browsing histories or things that can ID you falling into the wrong hands?

And virus protection? If someone connected to your wireless network with an infected PC you would be ok with that virus/worm propagating to your PC?

Just don't go down this open access for all route!! :)

Re:news..

[Sancho]

If you leave your front door unlocked, you're probably not standing on the porch yelling "Free house, come and get it!" and handing out name tags. If you do, then you can't turn around and claim the guests were trespassing. A better analogy is that you buy a home, but the home builder doesn't tell you that there's an invisible man standing on the porch yelling to people to come on in in a voice too high pitched for you to hear, but that everyone else hears just fine. They put that information in the home's user manual, but hey, who reads those things. You just started using the home, and it kept the rain out, let you plug things in and use them, let you cook your dinner and watch your TV, so you assumed that everything was alright.

Bad analogy? Maybe, but if so, that's because analogies really don't work well in this case.

The argument against locking routers down by default, is that it's too complicated for the user. Bullshit! People use locks and keys all the time for their home, car, office, filing cabinet, safe deposit box... all things of value they wouldn't want to have stolen. How is your private, personal network any different ? If you don't want people poking around your shared files and internet access, then put a freakin' lock on the thing. Doors and locks have been around for centuries. Ubiquitous computing in the home has been around for a little over a decade, and home networks for even less time. People may eventually get to the point where they can figure these things out, but for now, they're still mystified by the pretty colors on their screen.

I have no pity for people who fail at common sense. The sad fact is that when many non-techie people start using computers, they simply freeze up. It's something so completely alien to them that they don't function well. Most people don't think about security anyway*, except that security which was explicitly drilled into their heads at a young age (lock the doors, keep your keys and wallet with you, don't leave your drink unattended at a restaurant or bar.) Why would you expect people to suddenly develop "common sense," as you put it, when presented with something alien, when they don't even use "common sense" to notice other insecure infrastructure that they aren't explicitly told about?

*Bruce Schneier recently wrote an article on just this topic--the security mindset isn't a part of most people's thinking. http://www.schneier.com/blog/archives/2008/03/the_security_mi_1.html

Re:news..

Its a tad bit different than the free stuff being offered at a specific location.
Wifi signals exit the actual owners property. In windows and OS X a user is only told that their are wireless networks available. They are "reminded" that they should only connect to networks they have permission to access.

Due there being free wifi, this only confuses the issue more as it promotes people to look for free and open APs.

Within the next 2-3 years you will find that most APs will be secured. This will happen due to the manufacturers shipping APs with encryption by default.
WPA makes passwords much easier for the non-technical Wifi owners to be secure.

Re:news..

[NeverVotedBush]

One thing people should understand is the liability for not locking their access points down. There was a comment on a recent Slashdot article (http://it.slashdot.org/comments.pl?sid=523768&cid=23089520) that was telling people how to anonymously post possibly illegal information:

Drive around, find an open wireless access point.

The person that posted it is no brainiac either. Anyone with any savvy at all knows to piggyback on someone else's connection when they want to do something that requires anonymity. Look how many people here talk about piggybacking and their reasons for doing it. Such things are sometimes (frequently?) illegal and the first place law enforcement is going to look is to the owner of the link used to do whatever was done.

These days, with protections for citizens being removed at rates only a fascist would love, people can get hauled off for questioning, their computer impounded for forensics, etc. I don't have the link, but IIRC the RIAA was even going after the owner of an unsecured access point and holding them liable for the filesharing that was done over that access point even though they could not connect the accused's computer to the activity.

I just don't see opening myself up to others doing illegal, immoral, or both over my equipment and putting me in the crosshairs of whatever organization is investigating the event.

Re:news..

[DrSkwid]

He's wrong. Unlike armed robbery, shoplifting won't get you 12 years in prison on your first offence whereas you can happily shoplift here knowing your first offence will be a caution that won't show up on a criminal records check, your second a small fine in the region of 100 euros and your third a larger fine maybe 500 euros (all depends on your income).

Re:news..

[Sparks23]

Doubtless that's a large number, but I don't think they're represented in this slice of consumers.

After all, if they are not aware they're not on their own network they would not have answered 'I use a neighbor's WiFi' on the survey, and so wouldn't be counted in the 12%. :)

Re:news..

[Mr.+Beatdown]

[Y]ou would not be able to find a cop that was willing to make an arrest. I think you underestimate the wide variety and diversity of intelligence we have in our police forces.

Re:news..

[NeverVotedBush]

If I left my money, house, or girlfriend available on your property, I wouldn't really feel like I could complain if you helped yourself.

Man, do I ever call bullshit on this one. Next time you and your girlfriend go to a party or whatever at someone's house, and if you catch her off in a bedroom, making out or screwing the host's brains out, get back to us and tell us how you didn't complain.

This analogy stuff is so laughable. All who are using it - water faucet, girlfriend, whatever - are only trying to assuage their own guilt for what they know is stealing. It's obvious and you people know it. There may not be any consequences, and the access point owner may never know or even care, but it is still stealing and it is costing someone money for the bandwidth you have used.

Re:news..

[mollymoo]

If you install an unsecured Wi-Fi gateway with DHCP, the device is yelling to everyone within 100 meters "Free network, come on in" and handing out IP addresses to any takers.

It is not saying "come on in". It's saying "here is network X, it is not secured". You can't legally find out if it's running DHCP without being authorised to connect, so that point is moot.

In the spirit of eco-friendliness, let's try a bike analogy. If you left your bike without locking it it would be advertising its presence by bouncing photons and those photons would encode the fact that it is unsecured. That doesn't make it an open invitation to take your bike. It's not advisable to leave you bike unlocked, not because doing so is an open invitation to use it, but because there are vile people like you about who can justify their morally abhorent behaviour to themselves.

Re:news..

[Russ+Nelson]

Errrr, but you intended to share it with me, because you didn't secure it. This story isn't about people breaking into secure networks. It's about those nice people who intentionally leave their wifi network open for other people to use. Clearly this story isn't about you.

Re:news..

[MightyYar]

Is "Belkin 54g" vs. "linksys" going to be the new Ford vs. Chevy?

Re:news..

[NeverVotedBush]

What you are doing is fundamentally different from the people that are piggybacking on someone else's connection.

As long as your ISP didn't put any kind of clause in your contract that would prevent what you are doing (I would bet they did but obviously cannot know), then what you are doing is fine, legal, and your choice.

I personally am not comfortable opening my network to anyone who might want to join so they can trade child pornography, share files illegally, or make threats against political figures anonymously, but if you don't mind that liability, go right ahead.

Re:news..

[kestasjk]

Why can't I use a negligible amount of bandwidth when you are not using it? The same reason you can't use my car when I'm not using it. I pay for it and I don't want to share with strangers. I've got a better reason; ISPs factor in the average bandwidth use when deciding prices. If 1/2 the bandwidth used by the average connection was stolen through WiFi the average person's internet bill would double, whether or not he had actually secured his connection.

Re:news..

[Schadrach]

That it's stolen, condemned, or she's underaged? I know, not your point, but someone can always find a case where something will be deemed wrong. =)

Re:news..

[rocketPack]

Personally, I don't exactly condone people piggybacking on someone else's connection - open or not.

However, I have on occasion utilized open access points. The typical scenario is that I'm lost or need to look up a place to eat, so I pull up in a residential area, hop on to grab some directions or something, and then I'm done.

Another situation would be when I'm troubleshooting someones computer or network on location, and for one reason or another I have no other option when I need to look up a syntax, get advice, or download a patch.

In all of these cases I steer clear of illegal activities, minimize the bandwidth used (only surfing and downloading small files like patches or spybot updates).

For these situations I am really grateful for these open APs, whether because of ignorance or kindness I will never know, but grateful none the less. Does the /. community frown upon this kind of use? Is it REALLY considered immoral or illegal?

Re:news..

[MightyYar]

Of course, it's even more confusing than that, since some people and places purposely share their connection.

So maybe it's a bit like reaching into the free bin of newspapers and pulling out a NY Times. Either the Times delivery guy messed up, or they are running some kind of promotion - both of which are likely.

I have no qualms connecting to open connections because they are advertising that they are there and open. I would probably take pause if the id were "Joes Router Go Away" or something like that, but I've never seen a name like that. I would also not connect if I knew for a fact that the owner did not want to share the connection and was just retarded.

Re:news..

[Tony+Hoyle]

That's like saying 'you intended me to take your car because you left your door unlocked'.

It's total BS, and you'd have a damned hard time arguing that in a court. Unauthorized use of computer resources is a criminal offence - it's just that the kind of people who don't know how to secure a router are also the kind of people who don't know how to find out who's using it illegaly.

Re:news..

[Tony+Hoyle]

And I'd be more than happy to charge you ground rent for the amount of my property that you were invading.

Long and bitter lawsuits have been fought over *much* less... it's not worth even thinking of borrowing a neigbors space.

Re:news..

[NeutronCowboy]

I actually find your use of girlfriend as an example to be highly appropriate, if somewhat disturbing. If I ask your girlfriend to give me a bj, and she says yes, what's the problem? She gave me permission - it's none of my business to figure out whether what she says matches what you wants. That's your problem, not mine. The fact that you think that a girlfriend falls into the same category as a house or money though.... man, that's an entirely different issue that you're gonna have to resolve on your own.

To expand your analogy a bit more (and understand that physical analogies for EM waves and computers are weak at best and misleading at worst), assume that some guy I don't know comes into my house and starts leaving dollar bills around. I'm gonna assume that he meant for that to happen, and I'll collect them and spend them. If someone beams a signal into my space that has all kinds of hellos and please use me embedded into it, I'm gonna take advantage of that offer in the same exact way.

Re:news..

[Tony+Hoyle]

Depends on your country/state's specific laws on the matter. I'd get acquanted with them if I were you, just in case.

Here it's illegal (a form of theft) and if the owner decided to press criminal charges you could go to jail for it.

Re:news..

I don't think you should be using /.'s servers if that's your attitude. After all you are getting on their network without asking. Same goes for every other thing on port 80. If it is open it should be OK to go through the door (at least on a network), otherwise everything breaks.

Re:news..

Doors and locks have been around for centuries. Ubiquitous computing in the home has been around for a little over a decade, and home networks for even less time. People may eventually get to the point where they can figure these things out, but for now, they're still mystified by the pretty colors on their screen. Yeah, it took me a few centuries to get the hang of locking the door to my home, but I eventually got the hang of it. A decade just hasn't been long enough for me to figure out home networking.

Re:news..

[NeverVotedBush]

Does the /. community frown upon this kind of use? Is it REALLY considered immoral or illegal?

I notice that you don't mention knocking on doors to ask if it is OK to piggyback on someone's connection. It really isn't that hard to localize where the signal is coming from and some people even use their street address to name their access point.

Have you ever been in the situation where it would have been easy to ask for permission but you did not?

Shouldn't your answer to that question answer your own?

Re:news..

[cparker15]

If I'm not depriving you of anything, it is not remotely stealing. Not even sketchy RIAA math of depriving potential sales being 'stealing', as frankly if you wanted to use your internet connection while someone else was connected through it, you'd hardly notice.

If you want to get technical, you're depriving the ISP of a potential sale. Instead of paying for your own connection, you use someone else's. Now, instead of getting paid for two connections (yours and your neighbor's), the ISP is only getting paid for one (your neighbor's).

For the record, I, too, run an open wireless network. I never said I cared about depriving my greedy ISP of a sale.

Re:news..

[dtzitz]

I bet your right about my contract with my ISP. I am putting my money on them not enforcing that (pretty safe). Liability is not as clear cut as you make it seem. Especially not here in Florida.

Re:news..

[DamnStupidElf]

It is not saying "come on in". It's saying "here is network X, it is not secured". You can't legally find out if it's running DHCP without being authorised to connect, so that point is moot.

Wrong. The access point broadcasts all DHCP responses (along with all other traffic), and it's up to the discretion of the wireless NIC to accept or discard the RF that it receives. It's fairly obvious to every 802.11b/g device in the area whether or not DHCP is running, at least if it listens long enough.

Your argument falls apart because you imply that the access point somehow "owns" or "controls" its own airspace. That's just stupid. Each access point has to share the spectrum with every other 2.4GHz device, which makes the responsibility to authenticate access to the network behind the access point the responsibility of each access point, and not the other way around. Don't forget that access points are continually broadcasting "unauthorized" beacons to every NIC in range. They started it.

Re:news..

[mollymoo]

Some people and places deliberately share their bikes too. That doesn't give you the right to assume you can take any bike you see unlocked.

Re:news..

[DamnStupidElf]

A better analogy is that you buy a home, but the home builder doesn't tell you that there's an invisible man standing on the porch yelling to people to come on in in a voice too high pitched for you to hear, but that everyone else hears just fine. They put that information in the home's user manual, but hey, who reads those things. You just started using the home, and it kept the rain out, let you plug things in and use them, let you cook your dinner and watch your TV, so you assumed that everything was alright.

Buying a wireless access point is like moving into a neighborhood. You get to own your house (the actual access point), but you have no choice of neighbors. Any of them can come knock on your door and try to visit with you. Some of them will be friendly and you wouldn't mind visiting with them, but until you get a restraining order or put up no trespassing signs (change the SSID), you can't stop them from coming over to knock on your door. They're using your sidewalk, perhaps even precluding your theoretical use of the exact spot they're standing on at the moment, but it's a socially acceptable thing to do when coming over to introduce yourself to new neighbors. Someone can also just build a junk yard or race track in your back yard, because the neighborhood has no zoning laws (like the 2.4GHz band). It's because you only own a single piece of property in the neighborhood, just like you only own a piece of hardware in the 2.4GHz 802.11b/g neighborhood, that you have no control over what happens in the overall neighborhood. Pick your neighborhood well, or build a fence (encryption) to keep the neighbors from coming to visit and keep the noise of the racetrack out.

This analogy still has flaws, but it's because the closest human analogy to 802.11b/g is being in a public place with lots of people shouting at each other to communicate. There's no privacy unless encryption is used, anyone can stand in the public place and shout, and no one can pretend that it's illegal to strike up a conversation with them while they're standing there.

Re:news..

[Mastadex]

What is this girlfriend thing you speak of, and where would I be able to acquire one?

Re:news..

[mollymoo]

CRT monitors broadcast what's displayed on the screen. That doesn't give you a right to see what's on the screen of every CRT monitor in the vicinity. I thought the "I can see it so it's mine" mentality was confined to infants and toddlers.9666666666

Re:news..

[graphicsguy]

The other side to this is, out of these 12% of consumers who are "stealing" it, what portion KNOW they aren't connected to their own network? Since it's a survey, I'm guessing 100% :-)

Re:news..

[DamnStupidElf]

Man, do I ever call bullshit on this one. Next time you and your girlfriend go to a party or whatever at someone's house, and if you catch her off in a bedroom, making out or screwing the host's brains out, get back to us and tell us how you didn't complain.

If the girlfriend (or access point) decides to do something, whose fault is it? Certainly not the fault of the person who asked them to do it.

Re:news..

[mollymoo]

Erm, that last bit was a message from my cat, who decided to add her comments just as I clicked "Submit".

Re:news..

[lysdexia]

That's why I named my router "ParasiteNet".

http://craphound.com/someone/download.php

I can connect to four open routers from my home office. I don't stress if my dsl goes down. :-)

Re:news..

[Sancho]

For your analogy to work, you'd have to be building your house on public land. Maybe communal land, like an apartment complex, would work better.

Nonetheless, public land or apartment complex, there are rules governing other people's use of your stuff. With an access point, the applicable rules are in the various computer use and hacking laws. The key question is probably whether or not the average person would consider the DHCP handshake as an invitation from one person for any given person to access his network. Chances are, the average person would not consider the DHCPOFFER to be an actual offer, in human terms. If it's not an offer, then it's trespassing, which is illegal.

Re:news..

[ceoyoyo]

You're not even stealing the house. You're just sitting in the living room watching TV, because the owner invited you in!

Re:news..

[MightyYar]

Even if it looks exactly like the bikes that are meant for sharing?

Re:news..

[AlterRNow]

I can see your point, it could cost you money ( if you get charged for usage over your cap ) or even your connection.

Would it be possible to identify "outside" usage and have the router throttle the speed to, say, 5kbs and cap it at 25% of your maximum usage? Then it would be there, albeit slowly and limited, for others to use if needed, but not to have any significant impact on the owner of the connection ( or the ISP? )

Re:news..

[drsquare]

No problem. Don't park your car on the street with the keys in it

So you're equating wireless theft with grand theft auto? I think that's a bit extreme.

If your wireless connection is unsecured and offers DHCP configuration to anyone who wants to join, it's an open invitation.

No it isn't, no more than my front door opening to anyone who pulls the handle is an open invitation to burgle my house.

Good to see that the entitlement complex is still alive on this site though.

Re:news..

[houghi]

Bad analogy? Maybe, but if so, that's because analogies really don't work well in this case.

That is generaly what happans with analogies. People thing when they hear that an analogy is a comparison in the matimatical way. It isn't.

Re:news..

[Jimmy_B]

I've got a better reason; ISPs factor in the average bandwidth use when deciding prices. If 1/2 the bandwidth used by the average connection was stolen through WiFi the average person's internet bill would double, whether or not he had actually secured his connection.

No, it wouldn't! Prices would only go up by about 5%. Internet service is not like heating oil or tap water; it doesn't cost more to provide just because you use it more. If everyone suddenly started using twice as much bandwidth, they'd have to upgrade some routers, and that would be it. Routers are cheap. On the other hand, stringing a cable to your house, paying a techie to answer the phone and a lawyer to deal with the town is expensive.

Re:news..

[redxxx]

I didn't think there was anything illegal about Van Eck phreaking and anyone who can see in your window from public property can legally see what is on your monitor.

So, yes, you actually do have a right to see what is on the screen of every CRT in your vicinity, provided you don't break other laws(trespassing for instance) in the process.

Re:news..

[canajin56]

Even in your example, it is the seller of the home who is at fault, and the owner for not reading the manual. Not the person who accepted the invitation. Especially given the fact that Windows XP will automatically use any unsecured WiFi it can find, and its technically difficult to stop it from doing so even if you realize it's happening at all!

MY router had WEP enabled out of the box. On the bottom is a removable sticker put there by the factory. It has a copy of the serial #, the device-specific WEP key, and the device-specific default password. It came with a nice thick manual, and a single sided single page colourful "quick start" card that tells you about the sticker and how to use this WEP key in Windows or on a Mac. Every WiFi router should be this way, and should have been from the start. If you can't read this ONE card telling you how to get started, you don't get Internet. Tough break.

Re:news..

[AlterRNow]

If you were to follow that route, i.e. you are ultimately responsible for your connection and everything that passes through it, is it possible to sue the owner of every machine an e-mail passes through for damages if a virus contained in that email infects your machine? I can't say this with any authority or solid knowldege but.. I don't think so.

What about things such as botnets? Can the owners of zombie machines be prosecuted? Again, I don't think they can.

The way I see it, the only people who are guilty of anything in the case of downloading illegal material are those that provide it or acquire it. Though I suppose one could argue that you facilitated it by providing a connection. My response to that however would be:
But was that an intent?

I think it is safe to say I would mind unauthorised access to my machine or being infected with a virus/worm but what you say sounds like ( to me ) a machine is more vulnerable to machines on the local network than the wide network. I've always believed that a machine on the other side of the world is as much a threat to mine as any other, even on my local network.

Re:news..

[NeverVotedBush]

Do you go around a proposition all of your friend's girlfriends and wives?

Do you really think your friends would absolve you of all responsibility if you got the wives/girlfriends to sleep with you?

How would you feel about your friends if they were all asking your girlfriend/wife to sleep with them? You wouldn't object or think differently about them?

This analogy stuff is stupid. Piggybacking on someone's network without their permission is wrong and you know it. Everything else is just trying to come up with some way to justify your actions and absolve your guilt.

Re:news..

[greenzrx]

Though I don't use Wi-Fi, if I did, my main reason for having it secured would be that if someone used my connection to do something illegal, I am not confident it would not be me that gets blamed. There is another school of thought on that. if someone manages to break into your network (a trivial task in lots of cases) and then that someone uses your bandwidth to do something illegal, you are going a much harder time convincing people that you didn't do it.

if you have an open hotspot it's a lot easier to cast doubt on who actually did the illegal deed.

Re:news..

[DamnStupidElf]

It's perfectly legal to walk onto someone's property and knock on their door, unless they have told a specific person not to do so or they have very prominent "no trespassing" signs.

The computer abuse laws talk about authorization and authentication. They generally state that IF there is a notice that access must be by authorized users only, THEN unauthorized access is prohibited. Much less is said about how to initiate an authorization request, and whether simply asking to be authorized must first be authorized. There's a chicken and egg problem if no one can request authorization because they have no authorization to do so. Nothing is said about how to legally access public services on public networks.

In fact, the only exception to the above is wireless access points, because the access point initiates every connection by broadcasting beacons. Your argument can be turned around by arguing that it should be illegal for wireless access points to broadcast a beacon to network cards that they are not unauthorized to transmit to. The reason both positions are foolish is because the 2.4 GHz spectrum is in the public spectrum. It is legal for an access point to broadcast an SSID, and it's legal to broadcast an association request to an access point for a specific SSID. There is no way for any given NIC to know whether a specific beacon is intended for it or some other wireless card, and every NIC within range must receive every beacon that gets transmitted in order to work properly. If the beacon does not specify encryption, hidden SSID, or an SSID containing a notice that authorization is required to connect, the only logical implication is to assume that the beacon is an invitation to any NIC to associate with the access point, since it is on public airwaves. This falls in line with every other use of the public airwaves, in which authorized users of the spectrum are assumed to have permission to transmit, including the permission to attempt to contact another authorized user with a receiver. People don't need predetermined authorization to communicate with each other on a public channel, even if they've never met before. In response to an association request, the access point can do MAC filtering or deny the connection if the SSID doesn't match the a hidden SSID broadcast, or if encryption is enabled. This is the first level that authorization can be explicitly denied, and NICs should respect the response.

Once the NIC is associated with an access point, there is an implicitly authorized layer 2 connection to the access point. A layer 2 network's purpose is to forward ethernet packets and support standard services like BOOTP, since it's a well known standard. I highly doubt that following officially published and established standards on a network that explicitly authorized a connection with an association response can be construed as unauthorized access or a hacking attempt. Here the access point or the network behind it has yet another chance to do MAC filtering, DHCP-client ID filtering, or any number of other choices to give or not give an IP address to the NIC. If the NIC is given an IP address, and more importantly the addresses of the default gateway and DNS servers, it is explicit authorization to use that IP address and the gateway and DNS servers to connect to other network devices reachable through the access point.

Not taking this common sense approach means it should be illegal to look up www.google.com on any network, because you're not specifically authorized to use the DNS server (and woe be unto those who ask for recursive queries, not knowing who or what they might be contacting for their unauthorized DNS lookups), nor specifically authorized to connect to an IP address it returns for www.google.com's A record.

At about 5 to 10 steps along this process, it's trivial for the access point or network to deny access to a NIC. Denying access is roughly equivalent to making further attempts a violation of the computer abuse laws, because it serves as a barrier to e

Re:news..

[NeverVotedBush]

Uh, how is Internet access a right? Why is it a right and going to the movies for free isn't? What about eating at a restaurant? Is that a taxpayer right? Maybe the government should give you a car, give you a house, spoon feed you, and even wipe your ass after a bowel movement?

It's people like you that make me afraid for what kind of society we are heading toward.

Re:news..

*Bruce Schneier recently wrote an article on just this topic--the security mindset isn't a part of most people's thinking. http://www.schneier.com/blog/archives/2008/03/the_security_mi_1.html He also wrote a piece on why he leaves his Wireless Network Open.

http://www.schneier.com/blog/archives/2008/01/my_open_wireles.html

Re:news..

[wattrlz]

The, "...all kinds of hellos and please use me [sic]" Is part of the signal. It wouldn't work otherwise. OK, it would work, but it would require a significant amount of effort beyond what can be expected from the hypothetical average reasonable person - an issue in itself, but a separate one.

Girlfriends have free will. I'm sorry I neglected to include a disclaimor to that effect in my analogy. It is not my belief that members of one's preferred sex become mindless automata when engaged in a relationship. I was just thinking biblically about oxen, asses, and wives that should not be coveted and hoping it would obviate the possibility of using the old, " Well, I don't care about material goods and thus nobody does :P !" response by referring to something most people want and like to keep.

The Dollar bill comparison is flawed because the act of placing a dollar bill somewhere is a conscious act. If that same hypothetical person were to wander into your house simply possessing the aforementioned lucre in a visible manner it would be more appropriate. By virtue of the fact that it is money and you want to spend it the money is, "inviting" you to use it, and it is on your property, but no one has expressly given nor bequeathed it to you yet.

Re:news..

[NeutronCowboy]

OK, it would work, but it would require a significant amount of effort beyond what can be expected from the hypothetical average reasonable person - an issue in itself, but a separate one.

No, that IS the entire issue. I suspect we wouldn't be having this discussion if all WiFi routers would come with either wireless turned off, or with encryption enabled. People being stupid is not reason enough to throw out the entire framework of the internet.

Re:news..

[Sancho]

Even in your example, it is the seller of the home who is at fault, and the owner for not reading the manual. I do think that there's blame to share. Devices should be secure by default. However, a person intentionally connecting to someone else's access point without that person's knowledge or invitation should be wrong. And DHCPOFFER should not constitute invitation (though naming your access point "FREE INTERNET" should.)

Especially given the fact that Windows XP will automatically use any unsecured WiFi it can find, and its technically difficult to stop it from doing so even if you realize it's happening at all! We're talking about people who intentionally connect to their neighbors access points, not people who accidentally do.

MY router had WEP enabled out of the box. On the bottom is a removable sticker put there by the factory. It has a copy of the serial #, the device-specific WEP key, and the device-specific default password. It came with a nice thick manual, and a single sided single page colourful "quick start" card that tells you about the sticker and how to use this WEP key in Windows or on a Mac. Every WiFi router should be this way, and should have been from the start. I agree. But they aren't, and yours is the first that I've ever heard of that used WEP by default. Which make/model is that?

Re:news..

[Sancho]

Yup. He chooses to do so, and he chooses to assume the risks of doing so. Good for him. I'm certainly not suggesting that he shouldn't be allowed to do this.

Re:news..

[nominanuda]

I'm confused...isn't using the ubiquitous "Belkin 54g" exactly what was being referred to as "stealing"?

For myself, I'm not cheap enough to feel the need to steal wireless in my home (I think my neighbor's have unsecured wireless...), nor would I ever think about doing anything over someone else's unsecured wireless that required any sort of security (I draw the line at checking my gmail account). But, I'm perfectly happy grabbing someone else's wireless when I'm away from my home to use my wifi enabled phone or my laptop.

Re:news..

[Sancho]

What part of "the average person" and "human terms" did you not understand? Regardless, you have flaws even in your technical portion:

Not taking this common sense approach means it should be illegal to look up www.google.com on any network, because you're not specifically authorized to use the DNS server Huh. My ISP handles that for me. They give me DNS servers to use, and the use is authorized by the terms of use. If their DNS server goes out and queries Google's servers, that's sort of their issue. Interestingly, there was a recent court case regarding this. Someone was investigating a company, initiated a domain transfer against the company (which the company's DNS servers allowed), and the person was found guilty of illegal computer access.

Operating a device in full compliance with free, open, and public standards utilizing public airwaves simply cannot be construed as unauthorized access if it happens *without user intervention*. Probably not even in the technical sense. What about when you start asking my component to route packets? Do you again imply that allowing the request implies authorization? Because using open airwaves is one thing, but using my own property or leased property is quite another.

Operating a device in full compliance with free, open, and public standards utilizing public airwaves simply cannot be construed as unauthorized access if it happens *without user intervention*. Everyone who argues that access point owners should not be responsible for managing their own devices are ignoring the fact that by doing so, it requires every laptop owner (of which there are arguably more than there are access point owners) to be responsible for managing their device instead, despite the fact that it is the access point which initiates every connection by broadcasting a beacon. Two problems here.

First, we're not talking about laptop owners who open their laptops and find that they're connected. We're talking about people who intentionally connect to and use other people's internet connections.

Second, I think that it's a stretch to say that a beacon shouting "I'm here!" is initiation of a connection.

Re:news..

ROFL
$5 says half the users are so clueless they don't even realize they are connected to their neighbor's router.
-AC

Re:news..

[jimbob666]

The way I see it, the only people who are guilty of anything in the case of downloading illegal material are those that provide it or acquire it.

But to the ISP's this appears as the account holder who has one of their public IP addresses. If someone obtains illegal files using a computer connected to your open wireless network, to the ISP and on the ISP's logfiles it looks like it is you. I assume the authorities carry out their investigations based on these log files from ISPs. Granted, they wouldn't find anything on your own PC - but imagine what you would have to go through to prove that it wasn't you with the illegal files.

I've always believed that a machine on the other side of the world is as much a threat to mine as any other, even on my local network.

A good secure belief to have. I would go a step further and say machines on the local network are less of a threat because you can trust them. Until you open up your local network to any passers by with open wireless.

Re:news..

[ultranova]

He's wrong. Unlike armed robbery, shoplifting won't get you 12 years in prison on your first offence whereas you can happily shoplift here knowing your first offence will be a caution that won't show up on a criminal records check, your second a small fine in the region of 100 euros and your third a larger fine maybe 500 euros (all depends on your income).

No, he's right. Armed robbery carries high risk, but you only need to do it once. You might get lucky and get away with a loot; if so, you're set, and need not perform any more crimes. You can now invest the cash (low-profile, of course) and live off the profits for the rest of your life.

On the other hand, while a single case of shoplifing only carries a small penalty, it also has only a small potential gain. If you needed to do it once, the chances are you need to do it again, and again, and again, in which case you will get caught the first, second and third time; not maybe, but certainly. It is only a matter of time. As a saying goes: "You have no chance to survive make your time."

Furthermore, if you are poor enough to make shoplifting worth the risk, 500 euro fine is ruinous. It will almost certainly crash your personal finances for good.

The lesson: if you're going to risk everyting on a desperate gamble, make sure that the payoff is large enough that you don't need to do it again. Forget the shop, go for the car. And plan beforehand what you'll do with the loot. Invest it so it can gain interest while you do time, either in prison or in hiding; burying it in the ground is stupid. Every good bank robber team should include a crooked accountant, who launders and invests the funds.

Not that I'd condone any such thing, but it is an interesting problem to plan an efficient robbery.

Re:news..

Yeah, because stealing bandwidth is SO similar to stealing a bike...
Who modded this insightful?

Re:news..

whoosh

Re:news..

[StarvingSE]

joke

head

Re:news..

[Dogtanian]

If someone beams a signal into my space that has all kinds of hellos and please use me embedded into it, I'm gonna take advantage of that offer in the same exact way. Enough of this bullshit rationalisation. I doubt that the 802.11 specifications *ever* implied that the broadcasting of an SSID on an unprotected WAP should be interpreted as a "hello, please use me", as you imply.

Your argument is biased because you choose (IMHO quite deliberately) to read meaning and value judgements into them when in fact there is no such meaning- neither from a technical aspect, nor through social consensus.

And the social consensus bit is important; it's how a lot of things work. Do you ever look for a sign that says "I am a shop, please come in and browse?" before you enter one? No, of course not. Do you ever go into a restaurant, have a nice meal, and act surprised when you have to pay (like they just gave you a nice meal out of the goodness of their hearts)? No, of course not. But that's because there's a social consensus that tells us how shops and restaurants work that almost everyone in society understands.

There's no such universally-accepted social understanding yet (either way) with WiFi. Someone might have deliberately left the access point open. They might just not have secured it. Either way, I wouldn't be able to assume. And as a Slashdotter, I strongly suspect that you know this perfectly well. Your implication that one *can* interpret an open access point in a manner favourable to your argument is self-serving and misleading.

As for the "your waves are crossing my property", that's a different issue. There might- or might not- be some mileage in this, but it there's no straight answer. You can rationalise pretty much anything if you dissect it to some arbitrary level of detail or nitpickiness; (e.g. considering human beings as their constituent atoms). However, these are generally just pseudo-intellectual geek wankfests by people wanting to win arguments; I don't think that even *they* really believe them. Such nitpicking generally says *nothing* useful about human beings' values in interacting with each other- which like it or not, is what this thread is about, when it comes down to it.

Re:news..

That's only an option when you're at home and if you're trying to use a service that works over dialup (e.g., you can stream music that's barely listenable if you do nothing else). And even the cheapest landline will put you closer to $30/month (as opposed to $20/quarter for a prepaid cell and open wifi).

Re:news..

[idontgno]

t's more like if you leave your TV on, and your curtains open, and I watch through the window. It may annoy you, but it's not putting you out any.

But that would probably be trespass, which is illegal. And it might be peeping, which is a distinct crime in some jurisdictions.

Re:news..

[Eccles]

The thing is, I don't feel bad about stealing their bandwidth any more than they probably care that I'm doing it. The parties being stolen from here are the ISPs. They're the ones in a panic.

When I switched over to FIOS, they gave me an router with built-in Wi-Fi and the encryption already set up. Presumably this is exactly so people won't share it by accident, and preferably won't share it at all.

I can't get my son's iPod Touch to connect to the PITA, though.

Re:news..

[Warbothong]

This knee-jerk debate always comes down to one thing: broadcasting.

If you leave your front door unlocked, you're probably not standing on the porch yelling "Free house, come and get it!" and handing out name tags. If you do, then you can't turn around and claim the guests were trespassing.

If you install an unsecured Wi-Fi gateway with DHCP, the device is yelling to everyone within 100 meters "Free network, come on in" and handing out IP addresses to any takers. It is _YOUR_ responsibility for leaving it open.

The argument against locking routers down by default, is that it's too complicated for the user. Bullshit! People use locks and keys all the time for their home, car, office, filing cabinet, safe deposit box... all things of value they wouldn't want to have stolen. How is your private, personal network any different ? If you don't want people poking around your shared files and internet access, then put a freakin' lock on the thing.

I have no pity for people who fail at common sense. Just because it plugs in the wall doesn't give you an excuse to be stupid.

I disagree with your "Free Network, come on in!" argument, I don't think unencumbered wireless networks broadcast an encouraging message at all, they merely don't broadcast the message of a lock.

That's the reason my ADSL2 router has "Free Internets" as a network name, because I think all of the fear mongering propaganda that goes on by the network equipment manufacturers and ISPs makes some people think twice about connecting.

Re:news..

[rollomatto]

A better analogy is that you buy a home, but the home builder doesn't tell you that there's an invisible man standing on the porch yelling to people to come on in in a voice too high pitched for you to hear, but that everyone else hears just fine. They put that information in the home's user manual, but hey, who reads those things. You just started using the home, and it kept the rain out, let you plug things in and use them, let you cook your dinner and watch your TV, so you assumed that everything was alright. I think you know about the invisible man yelling, you just think hes yelling only at you

Re:news..

[AlterRNow]

imagine what you would have to go through to prove that it wasn't you with the illegal files. Would I need to do anything? Innocent until proven guilty, right? It would have to be down to them to prove I did download the files otherwise it would kind of be like someone going to jail because they had the same name as the criminal. An IP address is not unique to a person or device so I personally do not regard it as tangible evidence. Law/judge/jury/your opinion, of course, may vary.

machines on the local network are less of a threat because you can trust them Unfortunately, I only administer 3 of the 5 active machines on my network and the other two? Well.. one is used by someone who will open absolutely anything without question and runs in the administrator group ( Windows XP ) and the other is constantly plagued by malware/viruses/etc. despite various protection applications ( also Windows XP ).

In addition, only myself and my other half ( to some degree ) are concerned with such things as security and Net Neutrality, but I am not in control of all the computers on the network. So you can see, not being in control of + being operated by people who don't care = lack of trust of other locally networked computers :)

Re:news..

[DamnStupidElf]

What part of "the average person" and "human terms" did you not understand? Regardless, you have flaws even in your technical portion:

The "average person" expects to be able to click on a wireless network in Windows and then start Internet Explorer without getting arrested for doing so.

Huh. My ISP handles that for me. They give me DNS servers to use, and the use is authorized by the terms of use. If their DNS server goes out and queries Google's servers, that's sort of their issue. Interestingly, there was a recent court case regarding this. Someone was investigating a company, initiated a domain transfer against the company (which the company's DNS servers allowed), and the person was found guilty of illegal computer access.

Your ISP in this case is the access point. In the court case, they did a domain transfer, not a lookup. slashdot got pretty upset about that, too, by the way. In other news, the courts have been siding with the MAFIAA and Microsoft recently, too. Might makes right?

Probably not even in the technical sense. What about when you start asking my component to route packets? Do you again imply that allowing the request implies authorization? Because using open airwaves is one thing, but using my own property or leased property is quite another.

So don't offer a default gateway to DHCP clients. THAT is how to avoid routing their packets, not to mention just not giving them an IP address to begin with. When I send a packet to a wireless router, I send it to www.google.com, NOT the access point. If the access point doesn't think it should forward packets from me, or not forward them to www.google.com, it doesn't have to.

First, we're not talking about laptop owners who open their laptops and find that they're connected. We're talking about people who intentionally connect to and use other people's internet connections.

The two groups overlap significantly. You are basically claiming that people only use wireless access points in their own home, and never go into a cafe, hotel, bar, airport, or any other public place and try to connect to a wireless network. All of those latter people might connect to an "unauthorized" access point without any knowledge they are doing so. The people who park in front of people's houses to steal their wireless access are just stupid morons, and could more easily be charged with stalking or harassment than a computer crime.

Second, I think that it's a stretch to say that a beacon shouting "I'm here!" is initiation of a connection.

Just as much as a NIC shouting "Can I associate? Can I have an IP?". The beacon is a request for associations. If the access point didn't want clients to connect, it wouldn't send beacons. Specifically, each and every beacon is directly addressed to every NIC, because beacons use the FF:FF:FF:FF:FF:FF broadcast address as the recipient. Every standards conforming NIC must accept those broadcasts, and interprets them as being addressed to itself. In effect, the access point is shouting "Hey, each and every one of you, if you want to associate with me here's my SSID and encryption parameters!" It doesn't say "Hey, 00:12:34:56:78:9a, 00:11:de:ad:be:ef, or 00:11:22:33:44:55, here's my SSID!", which would constitute explicit authorization for those MACs to associate. The actual message is explicitly saying that any and all MAC addresses should know about the existence of the access point and how to connect to it. Again, hiding the SSID or turning on encryption is enough to deny authorization to the NICs that don't know the SSID or key.

Re:news..

[Sancho]

So don't offer a default gateway to DHCP clients. THAT is how to avoid routing their packets, not to mention just not giving them an IP address to begin with. When I send a packet to a wireless router, I send it to www.google.com, NOT the access point. If the access point doesn't think it should forward packets from me, or not forward them to www.google.com, it doesn't have to. Awesome. Even more technical solutions for people who don't understand these things.

Is your goal to keep certain people (those who are ignorant of technical details of networking) off of the Internet entirely? I'm not passing judgement, but if that's your goal, at least I'll understand how you can be so elitist.

The two groups overlap significantly. You are basically claiming that people only use wireless access points in their own home, and never go into a cafe, hotel, bar, airport, or any other public place and try to connect to a wireless network. Do not put words in my mouth. I made no such claim, implied or explicit.

All of those latter people might connect to an "unauthorized" access point without any knowledge they are doing so. The people who park in front of people's houses to steal their wireless access are just stupid morons, and could more easily be charged with stalking or harassment than a computer crime. Most of those places that you're talking about advertise wifi, so the point is moot. They're making a human-understandable invitation to use the internet access.

Re:news..

[Samizdata]

But here's my question...

If you do not secure it, how am I to know you DON'T want to share it?

There's no simple and feasible way for me to determine where the connection is coming from and no real way for me to tell it was not intended for public access.

If it is secured, then it's a pretty easy guess that it is not meant for public access.

Re:news..

Most people don't think about security anyway*, except that security which was explicitly drilled into their heads at a young age (lock the doors, keep your keys and wallet with you, don't leave your drink unattended at a restaurant or bar.)

Nice try. The "don't leave your drink unattended" thing was not drilled into anyone at an early age -- it's a relatively recent phenomenon.

And all that's really required is for the router vendors to put a very large warning among the ten pages of shit like, "Do not attempt to plug this device in and use it in the swimming pool".

All the warning has to say is, "This router is delivered with a configuration which helps protect you against unauthorized access and possibly illegal usage by others, for which you may be held legally responsible. Please read instructions for how to allow access to other authorized persons whom you trust. Consult competent technical support if you need assistance beyond that provided in the instructions."

Really, it's not all that different from warnings like, "Unless you have experience with basic electrical wiring installation, this GFCI outlet should be installed by a licensed electrician."

Re:news..

[Samizdata]

Of course, we could not POSSIBLY request people take responsibility for their own possessions and actions.

Where would we be then?

Re:news..

[wattrlz]

OK, it would work, but it would require a significant amount of effort beyond what can be expected from the hypothetical average reasonable person - an issue in itself, but a separate one.

No, that IS the entire issue. I suspect we wouldn't be having this discussion if all WiFi routers would come with either wireless turned off, or with encryption enabled. People being stupid is not reason enough to throw out the entire framework of the internet.

That's really my whole point, though. This discussion presupposes the majority of people do not know how to configure their WiFi. We can not assume that an open network is the result of generosity when there is so strong a possibility it is the result of ignorance.

Using people's Wifi without their express consent isn't the entire framework of the internet, is it?

Re:news..

[AvitarX]

Except without the assumption that computers are to share their resources we have no internet. Ams I committing a crime when I try to connect to a website I have never heard of on port 80?

I can't know whether service exists their until I try to connect after all.

Requesting an IP is no different than requesting a webpage.

Re:news..

[mollymoo]

All the WiFi networks I've seen which are meant for sharing have an SSID which is either the name the establishment which offers free WiFi (typically to customers only, even though that may not be enforced by technical measures) or which makes it clear they are open, thus they do not look exactly like poorly configured private networks. If you see a network called "Belkin-54g" or "Linksys" it is more reasonable to assume it's a poorly configured private network than to assume it's an open-access one.

Re:news..

[mollymoo]

Requesting a connection to a wireless network (the IP bit comes later) is in fact different to requesting access to a web page. Publishing a web page is inviting people to view it. Plugging in a router in its default configuration is not.

Re:news..

[billcopc]

Routers these days actually do have big red warnings right on the device. I installed a Linksys or D-Link a few months ago, it had a huge sticker covering all the ports on the back, that said, in bold yellow caps something like "Load the CD in your computer before connecting this device".

The CD would then launch an idiot-proof wizard script that collects a password and other vital information from the user. Then once everything is ready, it explicitly tells the user what to plug, and when. The entire process takes less than 2 minutes then you're on the web, with a properly encrypted and secured connection.

If an average user can't be bothered to spend those 2 very easy minutes to do it right, then I have no pity for them and I do hope someone downloads vicious beast-on-kiddie porn through their unsecured AP.

Me, I have a custom setup on my open-access AP. It's not actually open, in the sense that until you've registered for a free account, it won't let anyone out of the sandbox. I guess it's kind of like hotel wi-fi, only mine's free. I do restrict many kinds of traffic and I keep logs, so it's not a free lunch for drive-by wankers. I certainly don't expect the common Big Box customer to possess the skill and experience to cobble together such a thing, but that's because I'm in the ISP business and they're not.

Re:news..

[5of0]

See, the problem with that (and pretty much any other digital=real life analogy) is that if I take your bike for a ride, you can't use it any more, and will most definitely notice that it's gone.
If I take your wifi, you can still use it, and unless I'm downloading movies or running a server, you most likely won't notice anything different.
Trying to fix the bike analogy is an exercise in futility, but I'll try anyway. First of all, your bike isn't any ordinary bike, it's a magical, electric bike. The magic makes it so that if anyone tries to steal it, the bike instantly creates an identical copy of it for that person to have, leaving your original bike untouched. The bikes are powered by a battery that is shared amongst the bike and all its copies, but any bike that's standing still recharges the communal battery.

Now, in this case, you're (almost) no worse off if a bunch of people "steal" your bike. The only disadvantages are:
1. If a bunch of people are using your bike all the time, you'll notice your bike's battery wears out quicker (internet is slower)
2. If someone is using your bike to go up hills all the time, the same thing will happen
3. If someone commits a crime on your bike (maybe they were desperate), you may well get pinned, if they can trace the serial number and such back to you.
Oh, and if you look in the manual for your bike, or ask a friend who has the same kind of bike (since in this analogy they're pretty ubiquitous), either will help you find the button to disable this functionality, or set it up with a passcode before anyone can grab a copy, so you can let your friends and family use it.
In this scenario, I don't see a problem. I'd buy a bike, and hey, if my neighbors wanted to use it on occasion, that's fine with me, it's not hurting me any. If it starts to be problematic, I'll put a passcode on it.

I could go further - viruses and such=damage, but then you would also have an infinite free supply of Rust-Eze and new tires (virus scan and such).

Re:news..

[MightyYar]

I don't think that I ever changed my router's name until I moved to NYC where every router had the same 3 names and it caused problems.

I also had to stop sharing my connection because someone had a weird configuration and it locked up my router.

Re:news..

Besides, those armored car guys don't carry guns for nothing.

Re:news..

[Slashdot+Suxxors]

If you don't want to share it slap some encryption on it. Takes ten seconds in the router settings. Problem solved. If the owners of the WiFi can't put simple encryption on their signals, then they deserve to have it leeched off.

Re:news..

stolen

See, you've already drunk the Kool Aid -- you have no place in this discussion.

the average person's internet bill would double, whether or not he had actually secured his connection.

So, in essence, the average person's bill has already been doubled to cover the ISP's ass. Fine, then I'll give away half of my bandwidth for free. I'm paying for it -- it's mine to do with as I wish. Doctrine of first sale and all that.

Same as if I buy an audio CD. I've paid a premium imposed by the RIAA's congress-bitches, so my downloaded music has already been paid for.

A suspicious nature will always come back to bite you in the ass.

Re:news..

[Z80xxc!]

Exactly. I set up a Linksys WRT54GL just two days ago. There was a big card on top of the router, in the box saying "LOAD SOFTWARE BEFORE USING THIS PRODUCT!", then a CD below that that said "RUN THIS CD BEFORE PLUGGING IN YOUR ROUTER", then the router had a sticker over the ports on the back - including the power jack - that said "DO NOT PLUG IN UNTIL YOU RUN SETUP FROM THE CD" or something like that. You put in the CD and it guides you through the simple process, including a clear, idiot-proof explanation of why a good password and WPA key are necessary, and it warned you strongly against continuing without one. Anyone who still has an unsecured router after going through that setup must be stupid. Oh and it has you configure it over ethernet, not wifi, so you won't get the wrong router.

Re:news..

[FrankieBaby1986]

if your going to go with a car analogy... imagine you had car that i could borrow and upon my not using it anymore, you could almost never tell i had been using it, even when we were both using it at the same time?

Re:news..

[blitziod]

ok but a beter analogy would be me standing outside your property listening to the loud music you had playing on your stereo...

Re:news..

[DrSkwid]

If you're committing crimes out of necessity you will always lose, you should do them just for fun.

Re:news..

[quantaman]

If your wireless connection is unsecured and offers DHCP configuration to anyone who wants to join, it's an open invitation.

No it isn't, no more than my front door opening to anyone who pulls the handle is an open invitation to burgle my house.

Good to see that the entitlement complex is still alive on this site though.

I don't think people are explaining it clearly enough.

I deliberately keep my wireless open, if someone needs a wireless connection I'm happy to share, if they abuse it I'll kick them off but my wireless is unsecured precisely so people can connect.

I know many other people do the same, and if I see an open wireless I don't really have a reliable way of knowing the owners true intension, however I don't think it's particularly bad of me to assume they'd be alright with me making use of that connection if I need it.

Re:news..

[kestasjk]

No, it wouldn't! Prices would only go up by about 5%. Internet service is not like heating oil or tap water; it doesn't cost more to provide just because you use it more. If everyone suddenly started using twice as much bandwidth, they'd have to upgrade some routers, and that would be it. Routers are cheap. Mmm, I'm not sure where you're connecting, but here in Australia 120GB costs significantly more than 60GB. In fact I think 120GB costs more than double 60GB, because if you get 120GB you're likely going to try and use the full 120GB, whereas if you're on a lower plan you're more likely to only use what you happen to need.

Also the ISPs here have been upping the prices, I had to move ISP because the price hike was so large, and the reason given was that now with all the YouTubing and Torrenting people are actually using their bandwidth, and that does mean significantly more costs.

I'm in West Australia, and what you say about bandwidth not costing more is true locally. Downloading stuff that's connected the WA exchange costs nothing, and I have 120GB extra bw for the WAIX. However international or even cross-country bw comes with a price per GB, and if everyone doubled the GBs someone's gonna have to double the fee paid to the carriers.

The ISP isn't going to pay the extra 100%, and your WiFi thief/user/wardownloader isn't either, it's going to be you. :-(

Re:news..

[dwater]

Note to self:

Don't forget wallet at this persons house or let my girlfriend visit it alone. :) Ha. Yeah, right. We believe you.

Re:news..

[dwater]

I think he was saying he has a friend who has a girlfriend who, when visiting, becomes 'available'.

You have a friend, right?

Re:news..

[dwater]

Unfortunately, according to this whole story, although it's legal for you to share your wifi, it is il legal for someone to take advantage of your generous offer.

IE, this whole law is assuming that people don't want to share their connection, and so makes it pointless for people who do want to share their bandwidth to do so.

Ignorance rules, in this case.

Re:news..

[indi0144]

Maybe it's not the fact that your bandwidth it's been used, maybe it's what the intruder "do" with that connection.. if some dude connects from your AP and .. say.. hacks the pentagon or download child porn.. Who will be prosecuted?

I sometimes use an open AP from a carwash near home when my own bandwidt it's stuffed with torrents (open AP for clients.. I'm a client btw), sometimes I just like to peek onto other neighbors WEP secured APs to show them they are vulnerable and so they can realize the danger, later I go there and set up things properly for free. It does not take more than 10 minutes but helps a lot, not just you do your "good action of the day" but also you get referrals.. :)

Re:news..

I leave my wireless open. Rather than try to explain myself, I'll let Bruce Schneier speak for me, because I agree with him: Schneier on Security: My Open Wireless Network "Whenever I talk or write about my own security setup, the one thing that surprises people -- and attracts the most criticism -- is the fact that I run an open wireless network at home. There's no password. There's no encryption. Anyone with wireless capability who can see my network can use it to access the internet..."

I wish everyone would leave their wireless open; it makes it more likely I'll get free wireless when I'm not in my home. And it makes deploying wireless VoIP much easier.

Finally, I would like to see the "It wasn't me who downloaded that song. See I have an open wireless access point. It could have been anyone." argument tested (hopefully successfully) in court. It might convince more people to open their wireless.

Re:news..

[AlterRNow]

I see your sarcastic tone and raise you a witty reply.

...

No, honestly, it is around here somewhere. I think my girlfriend has it..

Re:news..

[tsm_sf]

If you want to get technical, you're depriving the ISP of a potential sale.

This is exactly the kind of bullshit we've heard again and again from the IP companies. When we are at the point that you can sue for loss of potential revenue we will have FAILED.

((no, shareholder suits will not count until it's possible to sue a company for not immediately liquidating all assets))

Re:news..

[DjDanny]

Here's an analogy that DOES work:

You leave a light on at the front of your house, and somebody uses that light to read the time on their watch.

This is EXACTLY the same as using somebody else's wi-fi. It doesn't affect you unless they start doing something illegal with it. The difference made to your connection speed is likely to be minimal.

Re:news..

[mollymoo]

The analogy was intended to illustrate the point about permission to use, nothing more. The degree of harm caused is irrelevant. You simply do not get to make decisions about what to do with things which belong to other people. The fact that you might not mind people taking your "bike" is wholly irrelevant when the question concerns someone else's "bike". When it's someone else's "bike" they get to make the decisions, not you.

Re:news..

[stewbacca]

You make the assumption that it is universally accepted as a form of stealing in the first place, when it obviously isn't (considering how long these type of threads will go back and forth).

Re:news..

[stewbacca]

People use locks and keys all the time for their home, car, office, filing cabinet, safe deposit box... all things of value they wouldn't want to have stolen. How is your private, personal network any different ? I I agree with your sentiment, but I can tell you how it is different to me. My "private, personal network" has no monetary value. You can have all the baby pictures and episodes of The Office that you like. It costs me $35 month to have Internet access regardless if my neighbors are "stealing" from it or not. Even if they do "steal" it, I still have it, so I don't really care.

Re:news..

[stewbacca]

So maybe it's a bit like reaching into the free bin of newspapers and pulling out a NY Times. I see it differently. It's like reaching into the free bin and getting a free copy of the paper, but somebody else complains about you getting something for free so they try to make it illegal to give away free papers.

Re:news..

[stewbacca]

If I ask your girlfriend to give me a bj, and she says yes, what's the problem? Errr, nothing (outside of Alabama fornication laws)? Perhaps if they were legally married there could be some legality issues.

Re:news..

[MightyYar]

I agree with you, but think the motive isn't jealousy but fear. People fear anonymity, and doing your business through someone else's open router can make you more anonymous. And after all, only terrrrists need anonymity.

At the least, it blows a hole in the "person=IP address" nonsense.

Re:news..

[stewbacca]

The "person=IP address" issue bothers me. When I lived in Germany, I was using a family friend's car and drove too fast through a speed trap camera. The owner got the bill, being the owner of the car, but I was the guilty party. Lame. This is lazy law-enforcement at it's best....errrr..worst, and I see Person=IP Address going down the same slippery slope.

Re:news..

[5of0]

Okay, given. Stealing my magic electric bike may still be wrong, and for the purpose of establishing black and white wrong or right, your analogy works just fine.
Equating stealing wifi to stealing a bike, however, makes it sound much worse than it is, because no one wants their bike stolen - it's just too much of an inconvenience. There are shades of grey in the world, and stealing wifi, while it might still be grey, is a much lighter (aka less evil) grey than stealing a bike.

Stealing wifi is similar to stealing music, except that we're screwing the ISPs, who need to be screwed, instead of the artists. :P
If you think that's a heinous crime, by all means, get a cellular modem, or try your luck with a Hotspot subscription. For the rest of us, leeching wifi here and there isn't a big issue. Stealing bikes is.

Re:news..

Ok, now hang an open sign on your front door and see what happens.

Re:news..

[lawn.ninja]

Then secure it and stop putting the burden on everyone else. The same way you lock your car, lock your wi-fi and put up a disclaimer saying you don't want anyone to use it. I leave a Wi-Fi router open in my DMZ so that people can use it when they straggle along. I pay for mine too, but I don't mind sharing because the bandwidth that is likely to get used won't ever have any effect on my connection. As far as plausible deniablilty I have have plenty because I have an open an unsecured wireless router. Remember the whole innocent until proven guilty thing? or is that just something of the past out here now-a-days. Police can talk to me all they want...

Re:news..

And that person shouldnt be surprise when they find themselves charged with wiretap violations. Its illegal. Period.

Can someone help

[LiquidCoooled]

I am trying to connect to "Free Public Internet" but its not letting me.
Do I need a password?

Re:Can someone help

Connect to my one. I have two routers, one open to claim plausible deniability in case of some law enforcing morons knocking on my door.

Of course those two are on different network segments with fw between.

Re:Can someone help

Username: linksys
Password: admin

Re:Can someone help

I didn't get the joke. Could you explain it right quick?

Gotta Remember, They're Users

[Toad-san]

Had a lady bring her laptop into our computer repair shop. "I can't get the Internet any more."

After extensive questioning (using very small words), I determined:

Her expensive laptop worked fine.

Her TCP/IP settings, web browser, etc. all worked just fine.

The wireless components and setup worked just fine.

What was NOT working fine was her neighbor's wireless access point. Apparently that fine fellow had either turned it off, lost his own internet connection, encrypted his WAP, or whatever.

She never knew she was using his connection, connecting to his WAP. She thought that, since the stick-on on her laptop said it had wireless and could reach the internet .. that it was a godz-given fact that, anywhere she went, she'd have internet access.

"But it works on campus."

Sigh .. more explanations.

Half an hour of my life, gone. And I don't even want to think about the brain damage.

Re:Gotta Remember, They're Users

[notgm]

From the incidental stories I hear, this happens quite frequently.

Re:Gotta Remember, They're Users

[lena_10326]

Everyone started out as a newbie.

Re:Gotta Remember, They're Users

[scubamage]

Sadly only a handful ever progress past that point.

Re:Gotta Remember, They're Users

[Sobrique]

When computers were hard work, the newbie didn't get past the 'so where's this "any" key them?'. Sometimes I think it was better that way.

Re:Gotta Remember, They're Users

[zappepcs]

Wow, even the fairly informed can make mistakes. Windows has a fine way of prioritizing what APs it will choose to connect to. Read a story not long ago about someone who thought he was on his AP, but found out a year after installing it while troubleshooting a connection issues, that he had been using his neighbors AP.

So it goes...

Re:Gotta Remember, They're Users

[sm62704]

But you know, I see no reason whatever why the internet shouldn't be at least partly a free, mesh network. Set up all the laptops to be both a client and a server.

Of course, some big multionaltional corporations and their stooges will have hissy fits. Too bad fo rthem, hooray for the rest of us. If I get a laptop, I'll have wifi set up on my desktop, and it will be open. Because I'm not a selfish asshole.

Re:Gotta Remember, They're Users

[sm62704]

Sadly only a handful ever progress past that point

Is that twenty years' experience, or one year's experience twenty times?

Re:Gotta Remember, They're Users

[sm62704]

When I started to work at our Laptop shop, I wondered at all those signs "Microsoft Windows is not OFFICE"

Must be all them Linux users that are trying to get by with the Windows that came preinstalled on their new machines. We're used to getting a full office suite with our operating systems!

Re:Gotta Remember, They're Users

[Joe+Tie.]

I used to hate that attitude. But it's when anyone at the level of mildly competent or above winds up punished that I start to side that way.

Re:Gotta Remember, They're Users

[bman87]

I'll have wifi set up on my desktop, and it will be open. Because I'm not a selfish asshole. Forgive me for being a selfish asshole and not sharing the 18Gb of downloads/uploads i pay $59 a month for - and use all of each month

Re:Gotta Remember, They're Users

[SatanicPuppy]

Nobody is saying you have to share, but if you leave an open access point, don't cry because someone uses it.

Re:Gotta Remember, They're Users

[Skater]

From playing with a friend's WinXP laptop over the weekend, I can see how it happens: Windows will automatically connect to any network it can find, even peer-to-peer. I'm sure this behavior can be disabled, but it's probably set up that way by default by the manufacturers to make it easier for users. I realize this is old news to most people, but I don't use WinXP very often and was a bit surprised to see it connect to a peer-to-peer network.

(My laptop has WinXP on it, but it's an older laptop - 4 years - and it uses Atheros software to connect and only attempts to connect to the network I activate. Under Linux, my usual OS, I set up a script for it to connect to the SSID I specify.)

Plus, people do use others access points intentionally - some friends of mine were doing it over the weekend when we were camping at a spot that didn't have any internet access.

Re:Gotta Remember, They're Users

Fucking snob. You're a Code Monkey, right? Or are you telling Slashdotters you're a Rocket Scientist? This isn't Wikipedia, you know. Jerk.

Re:Gotta Remember, They're Users

[swillden]

Of course, some big multionaltional corporations and their stooges will have hissy fits.

As will some small, local internet service companies and their employees. Like the guy who gives such great advice on firewall configuration at the local LUG.

Re:Gotta Remember, They're Users

[D+Ninja]

That is true, but the thing to remember is that everybody is a newbie in something that they interact with day-to-day. Honestly, other than the basics, I couldn't tell you the first thing about how my car works. Living where I do, it's much more convenient to take it into a shop and not worry about it.

Not knowing how to do something doesn't give those people who do the right to look down upon that person. Then again, that's not going to change - everybody wants to feel important. Looking down upon the "computer n00bs" is just a nerd's way of feeling important.

Re:Gotta Remember, They're Users

[k3nv]

Thank god people like her exist. Without her, I wouldn't have a job in IT ;)

Re:Gotta Remember, They're Users

[nickj6282]

True enough, but there are still differences. The "newbie" referenced above doesn't care. She just makes random assumptions based on flawed marketing campaigns about how and why her PC should work the way that she wants it to.

The typical slashdot newbie asks why and how and strives to understand how it all works. Eventually, this person is no longer a newbie.

I see this all the time. I work a phone tech support position at a national cellphone carrier. There are two basic types of people who call in. One is the "problem child" who calls whenever their computer hiccups funny and we help them bring their Outlook account below quota for the third time in a month. The other type is the person who actually turns their brain on once in awhile and never calls us for the same issue twice.

Re:Gotta Remember, They're Users

[lena_10326]

The thing is no one ever said customer support would be easy. Expecting that is an unrealistic expectation. Humans are fickle creatures.

If one finds customer support not worth doing, then they shouldn't do it. There are quite a number of career options to choose from.

Re:Gotta Remember, They're Users

And then some idiot will find your AP, connect to it and download kiddie pr0n.
Next thing you know, some law enforcement agency is at your door kicking to 'ask you a couple of questions, sir'...

Good thinking, my man...

Re:Gotta Remember, They're Users

[sm62704]

As will some small, local internet service companies and their employees.

Well yeah, it's hard to compete with "free".

Like the guy who gives such great advice on firewall configuration at the local LUG.

You lost me there. Whos is this Limux guy that's giving you such a hard time in his user group?

Re:Gotta Remember, They're Users

[rdebath]

She is completely right that's exactly how it works, I have a stick on my laptop that can always find a signal where ever I am. _I_ don't have to pay anything for it. It's sometimes rather slow, but very very fast at the office. They bought it for me, said it was called a G3 or something like that.

It really does work just like she says, it's a 3G/wifi mixed card that switches to wifi in the office. It's on a fixed price per month contract with a "fair use" policy, so all they say is that you should only use it for company business. They don't tell you what it costs because it's just part of the overheads, for all I have to know it might be zero cost (Say they bought two years access when they bought the card).

What's more that's exactly how laptop internet will continue to work in the future, you can already get laptops with built in 3G, just add a SIM.

Re:Gotta Remember, They're Users

[Mr.+Underbridge]

Half an hour of my life, gone. And I don't even want to think about the brain damage.

Your brain damage or hers? ;)

I find that anytime a tech expert is explaining something like that to someone who is totally clueless, both should have between 2-4 drinks first. It really helps.

Re:Gotta Remember, They're Users

[NeverVotedBush]

Must be all them Linux users that are trying to get by with the Windows that came preinstalled on their new machines. We're used to getting a full office suite with our operating systems!

Dude, unlike with Windows, we Linux geeks really do get a complete office suite with our OS - it's called OpenOffice. Mac and IIRC Windows users can download it and install it for free on their systems too.

We get web software, programming software, scripting software, generally two complete GUIs (Gnome and KDE), productivity software, web server software, games, full manuals, lots of security capability, and tons of other stuff - all included for free. And the OS itself is free to.

Besides, an old copy of Microsoft Works doesn't count as "a full office suite". And if it really is Microsoft Office, you paid for it somehow. The vendor may have said it was included free but they had to charge you a bit more for the system so they could include that security nightmare for "free".

Re:Gotta Remember, They're Users

[fishbowl]

>Everyone started out as a newbie.

But aptitude seems to follow a bell curve.

Re:Gotta Remember, They're Users

[Tony+Hoyle]

Laptop 3G is really taking off here... the phone shops are pushing it like crazy at comparatively cheap prices. If I go into a cafe I see laptops with these dongles plugged in all the time.

A side effect is now when store's wifi breaks they never bother fixing it, becuase it's not getting used. Both the local starbucks now have no wifi, and the only wifi in the nearest town is a new costa coffee that charges more than the 3G data cost per hour...

Re:Gotta Remember, They're Users

[sm62704]

I'm not paranoid enough to worry about it. If my AP is open that should be defense enough.

Re:Gotta Remember, They're Users

[nickj6282]

I think you missed my point entirely. I happen to like my job just fine and I don't mind helping someone do the same thing over and over. Those users are our bread and butter and the reason I have a job. It probably helps that I do internal support and I don't actually work with our end customers.

My post wasn't a rant against my job. Rather I'm illustrating the fact that some "newbies" stay newbies because they think they know what they need to know already and make bad assumptions on the way that computers work (i.e. the lady who thinks that "wireless ready" means that she has internet everywhere all the time). Other "newbies" are only newbies until they take the time to learn what the hell they are doing and how to do it right.

Re:Gotta Remember, They're Users

[sm62704]

Reread the post. By "we" I mean "we Linux users". The point being if you bought or built a bare no-OS PC and installed Linux on it, you might quite naturally assume that your new Dell you bought to replace or compliment it would come with an office suite, too. It would be pretty much of a letdown to discover that your new Dell wouldn't do half of what your old homemade Linux PC would without a several hundred dollar purchase.

There isn't much you can do with a computer that doesn't come "out of the box" with Linux, and there isn't much you CAN do with that new Dell without a huge outlay in cash. I'm running dual boot Mandriva/XP at home. The only reason I have Windows still on it at all is because Mandriva thinks the subdirectories on HD1 (D: to windows, HDb to Linux) are files.

Re:Gotta Remember, They're Users

[Yvan256]

Hello? Is anyone there? I'm trying to reach someone at Dell technical support!

I've clicked the "submit" button but nobody is calling me back! This was two hours ago!

Why does your website say "Slashdot" anyway?!

Re:Gotta Remember, They're Users

[Actually,+I+do+RTFA]

Windows will automatically connect to any network it can find, even peer-to-peer. I'm sure this behavior can be disabled, but it's probably set up that way by default by the manufacturers to make it easier for users. I realize this is old news to most people, but I don't use WinXP very often and was a bit surprised to see it connect to a peer-to-peer network.

I believe this behavior is off by default. The last XP laptop I used required me to agree to connect to an unsecured hotspot, let alone a peer-to-peer one.

Re:Gotta Remember, They're Users

[ceoyoyo]

Somebody's gotta provide longer range connectivity at some point.

I've got a hacked Linksys router that lets me set up multiple virtual access points. So I've got the unlimited one I use, and an open, bandwidth limited one. If you want to check your e-mail, look something up or grab a map from Google, come on in. If you want to download torrents then you need to pay for your own connection. I wish more people would do this (and the hardware supported it out of the box).

That way the ISPs get paid (many of the little ones actually really like wireless and mesh configurations because they don't have the infrastructure to run a wire to everyone's house), and we all get more convenience.

Re:Gotta Remember, They're Users

[NeverVotedBush]

Sorry - your post wasn't clear. There was a fairly long window in time where some vendors would install Office on the systems they sold and claim it was included for "free".

Now I see what you were saying but don't fully agree. Most people who install Linux, even now, understand the differences between Linux and Windows and that if they buy a Windows machine and don't install Linux over it, they are looking at a big outlay of cash to do anything more than play minesweeper or solitaire.

Re:Gotta Remember, They're Users

[AeroIllini]

People are not stupid. They're just not up on all the technical jargon--which every industry has, and not everyone can be fluent in all of them. Doctors don't hang signs in their offices saying "Your aorta is not your heart" and "you can't replace a kidney without a donor". Mechanics don't hang signs saying "timing chains aren't used much anymore" or "spark plugs need replacing". That's what the doctor or mechanic or whoever is for: they are the *expert*. Not everyone can be the expert in everything, and not everyone is able to speak in a fluent jargon. Us techies have brains that are wired for very specific, precise meanings of words: the words "Windows" and "Office" have very well-defined meanings when you and I talk about them, but the advertising Microsoft uses intentionally blurs the lines, and many people just don't ascribe such precise meanings to words. It's even more confusing when the techies themselves use interchangable and ill-defined terms, like "computer", "machine", "box", "system", and "rig". Cut people some slack.

Additionally, the marketing for products to users is many times, intentional or not, misleading. Consider the following: you walk into a cell phone shop, and the salesperson sells you a phone, saying: "it has wireless internet! Just click this thing here and you're online." You take it home, click the thing, and you're online! Then you go to a laptop shop, and the salesperson sells you a laptop, saying "it has wireless internet!" You take it home, click the thing, and you're not online. So you bring it back to the shop to ask why, and the salesperson says condescending things about how you need an internet connection to get internet, DUH, and boy are you stupid.

This condescending attitude of techies toward the "lusers" is a big part of the reason why people are still afraid of their computers.

Re:Gotta Remember, They're Users

I seem to recall that an earlier version of Windows (98? ME?) would automatically connect to the first unsecured wi-fi hotspot it would find, so that might be the reason...

Re:Gotta Remember, They're Users

[swillden]

As will some small, local internet service companies and their employees. Well yeah, it's hard to compete with "free".

It is. And if you're okay with freeloading, then go for it. Just don't try to claim that the only people you're hurting are some big multinational. Actually the truth of the matter is that you're not hurting the ISP at all, whoever it is, because they're clearly just going to adjust their price model to remain profitable. That means that the people you're hurting are the people that pay for the service; they pay a little more so that you can skate.

Re:Gotta Remember, They're Users

[swillden]

If you want to check your e-mail, look something up or grab a map from Google, come on in.

I actually leave my AP open for exactly this reason as well. If someone wants to borrow my connection for a few minutes, they're more than welcome. I appreciate the open access points I occasionally make use of, and I think it's neighborly to make the same service available to others.

What irritates me isn't the people who borrow a connection from time to time but the people who do it instead of getting their own, and even more, the people who do think I'm stupid for paying for the service that I use.

Re:Gotta Remember, They're Users

[darkpixel2k]

Things are slowly changing in my area because I've noticed over time that now the majority of APs have some form of encryption.

Hmm...maybe that's my doing. A friend and I used to drive around and look for open access points. When we'd find one, we would attempt to connect to machines on the wireless network and look for printers. If we found one, we'd print out a few pages of instructions mentioning their wireless was insecure and how to fix it for the most common devices.

Of course the evil side of me said we should have been printing out goatse...

Re:Gotta Remember, They're Users

[ceoyoyo]

I agree with you. It would be great if more (some) of the manufacturers would put some kind of selective permissions capability into their WAPs so you could let the public use it, but throttle them so it wasn't a viable alternative to your own wired connection.

The big ISPs would hate it, because then they wouldn't be able to sell nearly as much overpriced hotspot access. I haven't yet found a wireless hotspot that doesn't cost me as much for a couple of hours as I pay for my wired connection per month.

Re:Gotta Remember, They're Users

[swillden]

I agree with you. It would be great if more (some) of the manufacturers would put some kind of selective permissions capability into their WAPs so you could let the public use it, but throttle them so it wasn't a viable alternative to your own wired connection.

That's what I do, actually, although my WAP doesn't handle it. I run my AP in bridged mode, so the WiFi client MAC addresses are visible to my router (a PC running Linux). My traffic shaper gives priority to a set of "known" MACs. Other devices are allowed to use up to my full bandwidth, but the visitors can get throttled back to as little as 10% of the bandwidth if my machines start using the connection.

I imagine you could take a typical Linksys router/WAP, flash one of the available Linux images with CFQ and accomplish the same thing directly on the AP.

I agree that it would be really cool if some vendor would offer this out of the box. Even better if it also provided the option to emulate a pair of APs, one encrypted and one unencrypted.

Re:Gotta Remember, They're Users

[sm62704]

Like I said, if I get wifi I'll leave my connection open. If Joe doesn';t want you to "leech" he can close his. It's a personal decision that should be levt up to the person with the hotspot.

Re:Gotta Remember, They're Users

[stewbacca]

Sigh .. more explanations. The only "sigh" worthy of your story was the fact that it was tagged as "funny".

You can live with your intellectually superior wold-view as long as you like, but there isn't anything really that shocking about the woman's behavior. Had she understood she was piggy-backing off her neighbor in the first place, but still didn't know why she no longer had access, that would be sigh-worthy.

Not everyone is a geek, and that's not a bad thing. Would you rather of not had the business in the first place?

Re:Gotta Remember, They're Users

[ClamIAm]

Did you forget to capitalize that 'b', or do you actually pay $59 for 18 gigabits of transfer? My grandparents could run over that limit if they listened to Net radio while they checked their e-mail.

(Also, if Grandpa understood file types and helper applications better, he'd probably download more, um, videos. I've found a few laying around, saved to odd folders.)

And why is this bad?

[Ed+Avis]

When you set up your wireless network you can choose whether to allow open access or not. If the network's owner has specified that anyone can use it, why is it bad to do so? I have my wireless router at home set up for open access and it does me no harm if others use it for occasional web browsing. The only flaw is that many routers don't have a way to prioritize or cap usage so that my work isn't slowed down by other people's Bittorrenting.

Yes, it's sent unencrypted - just like network traffic over those old-fashioned things called wires. We all know to use https and ssh for secure connections anyway.

Re:And why is this bad?

[LiquidCoooled]

Its a lot more difficult for someone sat outside in their car to jack into your internet connection if you use those antiquated things called wires.

Initial security via a big lockable door is better than any encryption.

(Yes, once it leaves the house it can be jacked with a MITM attack, but I believe most wifi jackers don't carry the equipment necessary to get into my ADSL line or cable connection).

Re:And why is this bad?

I think that it is admirable that you want to share, the problem is how do I know that you are leaving it open on purpose? If I see my neighbors garage door open, should I just assume he is willing to share his yard tools? If your front door is open, can I go in and take a nap on your couch?

Re:And why is this bad?

[scubamage]

Its only bad because it hurts businesses, thats about it. Look how many public WiFi proposals get shot down on a regular basis. As for why its bad to leave it unsecured, Congress has basically decided that if you leave an access point unsecured and someone uses it to download kiddy porn, or talk to their 'terrorist' buddies overseas, you are guilty as an accomplice because, "you should know better." More great legislation brought to us by a bunch of old WASPs and a few overzealous soccer moms.

Re:And why is this bad?

[archkittens]

if my neighbor is broadcasting his garage tools across a wide area of our neighborhood on a public freqency, why not enjoy? ideally though, you've got a setup like my neighbors and i have. i give them wifi, they let me use their hedge clippers.

Re:And why is this bad?

[Chabil+Ha']

It may be against your terms of service for you to open it up. I remember in one of the contracts that I had with an ISP, it was in no uncertain terms, you were not allowed to share your connection with another. Too bad that it's not very enforceable as that was the sole purpose of having the line--to split the outrageous bill.

Re:And why is this bad?

[auric_dude]

Some advocate stealing Wi-Fi links http://www.wired.com/politics/security/commentary/securitymatters/2008/01/securitymatters_0110 but only with the knowledge of the owner and besides the chances of being caught by the RIAA if a guest downloads something they should not is after all rather small.

Re:And why is this bad?

[plague3106]

No, the network's owner has specified the link isn't encrypted. That has nothing to do with whether or not the owner thinks its ok for YOU to use his network.

Re:And why is this bad?

[falzbro]

why is it bad to do so?

What if someone decides to download all sorts of child pornography, and it gets tracked back to your IP?

Re:And why is this bad?

[FireXtol]

You're confusing digital with physical. Don't feel bad, law makers do it religiously.

This is the internet. If I allow anonymous access to my FTP... then allow full (777) privleges on everything. It's my fault if anything bad happens.

Where is the personal responsibility?

The owner of the WAP has complete control over it. If the owner bothered calling the support number for the WiFi Router... a customer service rep would gladly assist the owner in securing his WiFi network.

An unsecured(open) WAP should be 100% legal to connect and use. Now then, even if you know the key to a secured network you should not be permitted to access it with authorization.

Re:And why is this bad?

[ACMENEWSLLC]

>>the network's owner has specified that anyone can use it, why is it bad to do so?

If your ISP is through your Cable company, you are an accessory to cable theft unless you have an account which allows for sharing. Some offer a business class and allow for sharing.

If your ISP is through your phone company (DSL) and your contract forbids this (not all do) you are aiding in theft of phone services.

If you have a contract which allows you to share like this, consider contributing to the free hotspot community.

Re:And why is this bad?

[delt0r]

I have a FON access point with a booster and Just a plain wireless that I have left open for others to use. Its open because they are allowed to use it. They up to 50% of my bandwidth (2Mbit). Its cost me nothing, so why not?

Re:And why is this bad?

[Mr.+Slippery]

Some advocate stealing Wi-Fi links

You cannot steal that which is freely offered.

Re:And why is this bad?

[SnapShot]

OMG! Open WiFi == Pedophilia! Think of the children! There ought to be a law!

Re:And why is this bad?

[SnapShot]

Damn, I forgot the most recent one: If you open your WiFi then the terrorists have won!

Re:And why is this bad?

[delt0r]

What a load of crap. How many pedophiles do you think are really out there?

You have been suckered by one of the four horseman of the internet Apocalypse. Used by Governments world wide to justify new laws.

Are you afraid of terrorists when you go to the movies? Or on your way to work? What about all those pedophiles that you walk past every day! They might take a look at you child! OMG Won't Someone thing of the children!!

Re:And why is this bad?

[rantingkitten]

Don't be naive. The owner of the WAP almost never "specifies" that it should be open. It comes that way by default. The overwhelming majority of people just plug the thing into their modem and consider it great that now they can take their laptop all over the house with this magic wireless thing.

If someone alters the SSID to state that it's meant for public use that's one thing. But to act like any open AP is an indication of the owner's intent is idiotic.

All the mindless bleating around here, about how your computer "asked" for an IP and the router said "okay", doesn't change that. Nor do any of the silly analogies about water fountains in your front yard, or unlocked doors.

This is slashdot. We all know how users think when it comes to technology. Why do we want to pretend that on this one topic, those same users are suddenly extremely savvy and are deliberately leaving their APs open, instead of acknowledging that they're doing the same thing they do with everything else -- getting it functional and leaving it the hell alone after that?

Re:And why is this bad?

[Deadstick]

OK, forget the kidpr()n. How many Office, Photoshop and AutoCAD torrents are exposed on his IP?

rj

Re:And why is this bad?

[delt0r]

Now that is much more likely. But then again we are the kind of people that know about it and how to do it. Perhaps mp3s are the most probable illegal activity that could happen.

Either way, I am breaking no law or contract where i am. So i won't sweat it. (I provide a free access point.)

Re:And why is this bad?

[SatanicPuppy]

Same analogy as always, and as always it's bad.

An open WAP isn't an open door; it is an open door, with a door man who gives you a key and a room number, and this door man is constantly shouting over a loudspeaker that there are rooms available to anyone who will listen.

In that case, if someone came in, would you blame them?

Re:And why is this bad?

[Technician]

When you set up your wireless network you can choose whether to allow open access or not. If the network's owner has specified that anyone can use it, why is it bad to do so? I have my wireless router at home set up for open access and it does me no harm if others use it for occasional web browsing. The only flaw is that many routers don't have a way to prioritize or cap usage so that my work isn't slowed down by other people's Bittorrenting.

Sure there is. Use any modern router. Whitelist ports 80 WWW, HTTPS, and whatever else you want. All other ports are dead, including bittorrent.

Re:And why is this bad?

[evilandi]

I quite agree. I deliberately run my own open public wifi hotspot, and I encourage others to do so too. I'm grateful to all the people out there who are as public-spirited and community-minded as myself.

I've bandwidth-throttled and firewalled anyone who doesn't come in on the encrypted VPN though, to be on the safe side (documented here: http://www.nam-vets.org/frampton/hotspot-howto.php ).

What would be ideal, would be an industry standard that WiFi routers ship as open by default, throttled by default (say, no single user can gobble more than 75% of the broadband bandwidth), firewalled by default (say, only ports 53, 80 and 443 open outbound, no inbound unestablished connections), and optional encrypted VPN by default. Since most wireless APs are embedded Linux, that would be relatively easy to implement - and the VPN would be compatible with all the major OSes.

Re:And why is this bad?

[dodden]

Why does everyone try to silence me with ssh. Don't they know they are mis-spelling it? j/k

Re:And why is this bad?

[D+Ninja]

What if your neighbor decides to start downloading some bad stuff using your open network. AFAIK, you leaving your network open is not an excuse for what goes on on your network. You would be in deep s*it. (Someone please correct me if I'm wrong.)

Re:And why is this bad?

Probably because of chickens?

I don't know, just thought I'd throw that out there.

Re:And why is this bad?

[Chris+Mattern]

If the network's owner has specified that anyone can use it, why is it bad to do so?

Well, for one thing, it probably violates his contract with his ISP.

Now, that's a matter between the network owner and the ISP. Another, more serious problem is that, most likely, 90%+ of the people who have a completely open AP have it that way because that's how it came out of the box and a) have no idea that they have opened their network access to the world and b) have no idea of the consequences of opening their network access to the world (inadequate bandwidth because other people are using it, legal liability for what other people are sending over your connection, and so on).

Re:And why is this bad?

[CODiNE]

If the network's owner has specified that anyone can use it, why is it bad to do so?

Because the world is slowly moving one step after the other towards a new legal concept "Guilty until proven innocent".

Re:And why is this bad?

My SSID is my phone number, and it is formatted to look like a phone number.

Re:And why is this bad?

[eln]

Man, you're getting a raw deal. Your neighbor is saving at least 20 bucks a month for Internet access, and all you're saving is a one time 30 dollar charge for your own hedge clippers.

You should ask for more, like free access to his wife or something. Really, wife and wifi are only one letter apart, so he should be okay with the arrangement.

Re:And why is this bad?

[TheBig1]

I am not a lawyer, but if anything wouldn't this just give you plausible deniability? "I'm sorry, your honour, but it must have been my neighbour who was downloading hundreds of MP3s".

(I currently have my AP encrypted, but I am seriously thinking about opening it. I just need to get another, wired AP to put my server / printer etc behind, and figure out a good way to let me print via wireless but not person $FOO from outside.)

Re:And why is this bad?

[compro01]

every wireless router i've seen in the past year is secured by default with at least WEP.

yes, WEP is ludicrously broken, but it serves the practical purpose of a fence with a "no trespassing" sign nailed on it. sure, someone who wants to can discover the key within minutes, just as they could ignore the sign and step over the fence, but at that point, they know i don't want them there, and it becomes straight-forward trespassing IMO.

Re:And why is this bad?

[Shimmer]

To act like any open AP is an indication of the owner's intent is idiotic.

We're not idiots - we understand that most people probably don't intend to share their Internet connection with anyone passing by. But since these owners' actions are entirely inconsistent with their intent, I think it's actually you who are being naive about what happens.

They are accidentally inviting people to use their Wifi. Yes, it's by accident, but it's still a completely valid invitation and you really can't blame people for accepting it.

Let's say someone sends you an invitation to a Smith family reunion, even though your name is Jones. You RSVP and ask "is it really OK for me to come?". If they answer yes, then you can hardly be blamed for showing up on the day of the party (especially since you mean them no harm and just enjoy parties).

Re:And why is this bad?

[The+Gaytriot]

Several of the wireless routers I've set up have instructions to insert an included CD which installs some software and guides you through a wizard which walks users through basic wireless settings. My friend's parents set up their own router by this method and they are far from what I consider tech savvy. Yet they managed to set up a WPA-PSK secured network by following the hand-holding wizard that came on their Linksys CD. On the other hand, I've had to help people who were a "step-up" from computer newbies. You know, the real dangerous ones who know just enough to break things seriously. They didn't think they needed the CD or wizard to help them set up their network, several of them have ended up with working yet completely open wireless networks. SSID was left at default and you could access the router wirelessly and configure the router by using the default UN and PW (admin, blank, admin, 1234, etc.) It seems like the wannabe power users are the problem more than the clueless ones. I would point out how Windows automatically connects to the first open wireless network it finds, unless you specifically set it up for a certain one, but the article implies that these users are knowingly connecting to another person's wi-fi. Personally I keep my wireless as secure as I can get it. My basic DSL service is too humble for the four computers already sharing its connection, I would prefer not to share it among any more if I can help it.

Re:And why is this bad?

[archkittens]

she's approximately 25 years older than me. maybe i'll ask for his daughter instead :p

i also technically save my time trimming the hedges, he sends his kids over to do my yardwork, as "thanks" for their high speed internet service. my other neighbor makes cookies!

Re:And why is this bad?

It still does not mean you can take up residence in the building without paying rent.

Make up any analogy you want, just because something is available to you, does not mean it is right for you to take it.

Re:And why is this bad?

[rantingkitten]

The problem with your analogy is that a human gets involved in the decision-making process, and articulates his intent. In so doing, he personally clears up any potential misunderstandings about what he wanted to do.

With wireless, you can't make that assumption. The router's "invitation" counts for nothing about the owner's intent, unless the owner has taken steps to make it totally clear it's open (like renaming the SSID). If you're looking at a default, out of the box WAP, then yes, it is accepting your requests, but you can't assume that's what the owner intended. In fact, since most people who know what they're doing wouldn't leave everything at default, you can probably assume it's just some hapless user who doesn't know any better, which further erodes the notion that he intended the AP to be open.

Re:And why is this bad?

[NeverVotedBush]

What? You trust someone to access your WAP anonymously and do whatever they want on the Internet, but you don't trust them to not print 10,000 page documents to waste your ink and paper, or to raid your server?

If you trust them, you trust them, right? Or am I missing something?

And data flowing through your WAP still implicates you in whatever that data was. Do you get away with it or not? I'm not willing to risk my financial future or freedom on that risk.

Re:And why is this bad?

[Deadstick]

From your spelling I gather you're in Rightpondia and I don't know what you have that corresponds to our DMCA. But over here on the left, the copyright holder would trace the IP on the torrents to your ISP and send them a takedown notice. The ISP would trace the IP the rest of the way to you, pass on the notice, and inform you that if they got any more of them you would be looking for a new ISP.

Criminal law is a separate issue.

rj

Re:And why is this bad?

[NeverVotedBush]

Wow, dude. You say in your post that "They [use] up to 50% of my bandwidth (2Mbit). Its cost me nothing, so why not?" but then your signature says "If information wants to be free, why does my internet connection cost so much?".

That is about the most perfect example anyone could ever give of exactly why your internet connection might be expensive.

How could you possibly not make that connection? Are you some kind of retard?

Re:And why is this bad?

[TheBig1]

What? You trust someone to access your WAP anonymously and do whatever they want on the Internet, but you don't trust them to not print 10,000 page documents to waste your ink and paper, or to raid your server? Yes, pretty much. Just because I trust someone to check their mail and access Slashdot, doesn't mean that I want them to go snooping through my pictures, or accessing my personal files. It's not so much an issue of 'I don't trust you to not be a terrorist pedophile' as it is about privacy.

I do concede the point about the hastle of getting myself involved in a legal dispute if anything happens (P2P copyright infringement, etc). Filtering of traffic (only allow HTTP ports, for instance) can help in that respect. Sure, you still have the worries of someone accessing some website which the powers that be find offensive, but I am not really concerned about that.

By your logic, there would be no point in partaking in any sort of altruistic behaviour, as long as the risk exists that *someone* may take advantage of that altruism and use it for nefarious purposes.

Anyway, thanks for the reply!

Cheers

Re:And why is this bad?

Just because you can do something, doesn't mean you should. You are correct that the person who leaves their FTP connection wide open is inviting disaster. It still does not make it right for someone to go in an do bad things. I hear you on the personal responsibility, but it goes for everyone. If it is not yours, and you don't have permission to use it, leave it alone.

Re:And why is this bad?

[Shimmer]

One thing we can agree on is that these owners "don't know any better". So is one ethically obligated to treat a person better than he treats himself? Personally, I think the answer is no.

Here's another analogy: Let's say you walk into antique store and recognize that a vase they are selling for $10 is actually worth $1,000,000. Are you ethically obligated to inform the owner of this before purchasing the vase? I don't think so.

If you agree with me, then hopefully you'll also agree that the Wifi situation is even clearer, because the cost to the ignorant owner is negligible.

Note that I'm not condoning any sort of abuse here. No one or thing gets damaged. I'm simply saying that you don't have to look out for someone who isn't looking out for himself.

-- Brian

Re:And why is this bad?

[dwater]

...FTP connection wide open... It still does not make it right for someone to go in an do bad things. ..but it's ok to go in an do *good* things; like uploading or downloading some files.

The same things as applies when using someone else's wifi - ok for legal purposes; not ok for illegal purposes.

Re:And why is this bad?

[dwater]

...and it doesn't mean it *isn't* right either. The thing is, no one knows if it is right or not...only the owner.

Of course, the whole point in the username/password is that it's supposed to make it clear that you need authorisation to use it.

Re:And why is this bad?

[delt0r]

The if information want to be free *signature* is just that. A F**king Signature.

Its a throw back to the constant drone on /. that downloads don't cost companies anything and all information wants to be free (aka RS). You know things like iTunes. The "it cost noting to distribute" mantra so why does the RIAA/evil corp want to charge for its crap.

Well its a load of bullocks, running a site that provides mp3 or other downloads does cost a *lot* of money. That is what the sig is about, not my home internet connection you freaking moron.

Re:And why is this bad?

[stewbacca]

I remember in one of the contracts that I had with an ISP, it was in no uncertain terms, you were not allowed to share your connection with another. Are they gonna come out to my house and set that up for me, for free? Otherwise, I'll use the default settings, thanks.

Re:And why is this bad?

[stewbacca]

Just curios, what are the other three?

Re:And why is this bad?

[LMariachi]

Then why is the owner doling out valid IP addresses via DHCP? My computer: "Hello, I see you are broadcasting your presence as a wireless access point. May I have an IP address to utilize your services?" Owner's wireless AP: "Why certainly! Here you go, and enjoy your pornography!" The owner of the AP is advertising its availibility and, by proxy, authorizing all and sundry to use the resource. The analogy is not "a house with an unlocked front door" but rather "a public restroom with a large blinking neon sign." If you don't want people sharing your connection, turn off the sign.

Re:And why is this bad?

[stewbacca]

I see nothing wrong with a) or b) in this case, as a person is legally covered in b) by a). (Please, spare the "ignorance is no excuse" lines).

You'd be a specially gifted prosecutor if you were able to convict ME of illegal activity that my neighbor was conducting. If anything, I see an open access point as an alibi moreso than a liability. The burden of proof would be on the prosecution to prove I was doing something illegal (and not just my ip address) AND a trial by my peers would empathize with my technical ignorance.

Re:And why is this bad?

[rantingkitten]

I agree, we're under no obligation there. But that doesn't give us free reign to take advantage of them, either. Like if the cashier accidently hands you a fifty instead of a five for change, presumably he didn't know about the error, but I wouldn't say it's therefore ethical to just pocket it.

But I wasn't really arguing that. I was saying we can't keep the retarded argument of "Well, the computer asked permission and the router said yes..." when we all know the router is not representing the owner's intent. Whether we're ethically obligated to refrain from using it is something else; my point was only that people need to stop trotting out such an absurd assertion.

All that aside I have no ethical issue with stealing some wireless for a brief time, off some hapless doofus with the essid of "linksys" or "Belkin 54 G". But I'd draw the line at the type of people who just use their neighbor's wireless as their own, because they can't or won't get their own connection.

Re:And why is this bad?

[Shimmer]

Taking advantage of other people's mistakes is not so clearly unethical. There are plenty of examples where you can pocket that fifty without guilt.

People make the argument about one computer "asking permission" of the other when the discussion becomes legalistic. If you're going to accuse me of an actual crime for which I could do jail time or pay a fine, I'm going to point out that I asked permission first. This kind of nitpicking is what lawyers do for a living. You might not like it, but it's not "retarded".

Re:And why is this bad?

[delt0r]

Its a direct reference to www.schneier.com comments on the matter.

Re:And why is this bad?

[plague3106]

The DHCP server gives out IPs because that's what it was supposed to do. It was built with a wired environment in mind. Stop antroporphizing, it doesn't make your point. It makes your arguement look rather silly.

As for your assumption that an SSID is a sign, it's not. WiFi doesn't really work without it. My cordless phone's base station broadcasts, THAT DOESN'T GIVE YOU A RIGHT TO USE IT.

no differentiation- regular or intermittent?

[call+-151]

This is a pretty inane study- there is a huge difference between occasionally looking for an open wireless when away from home to browse and using a neighbor's open wireless as your main pipe. And the comments about identity theft are ridiculous, as most sensible people adjust their browsing/net use when using unknown networks to reflect their uncertainty in its security.

Re:no differentiation- regular or intermittent?

[bcattwoo]

And the comments about identity theft are ridiculous, as most sensible people adjust their browsing/net use when using unknown networks to reflect their uncertainty in its security. Great, now how many internet users fall under the category of "sensible people"? Given the number of people I see on the internet that are unaware of simple things like when and if they will get that "tax rebate", I suspect the number that realize their vulnerability when borrowing someone else's connection to be rather low.

Re:no differentiation- regular or intermittent?

[dmd53]

While I admire your high regard for the common sense of the common man, I'd be willing to bet that the most egregious infractions of good security sense are those perpetrated by people who don't know any better, rather than those who willfully disregard the risks. I've seen friends of mine--students among the brightest in the nation, no less--check their bank account balance on a public terminal connected to open Wi-Fi in a hotel lobby, and then shut the browser window and walk away--no logout, no cleared cookies or browser history, nothing.

On the other hand, people who are cavalier about their private information end up being the ones who suffer the consequences. Let's hear it for a little poetic justice, neh?

Re:no differentiation- regular or intermittent?

[FredFredrickson]

less--check their bank account balance on a public terminal connected to open Wi-Fi in a hotel lobby, and then shut the browser window and walk away--no logout, no cleared cookies or browser history, nothing. Logging out, clearing cookies, clearing browser history are not the problem. These are all on the laptop- which if the bank uses sessions (and it does, I promise), then the minute he closed the browser - it "logged" him out.

The problem is that anybody can watch the unencrypted stream of data on an open network.

Luckily- most banks use https, so it'd still be encrypted. So it's actually moderately safe. That being said, I make it a point not to check important information on other people's public wi-fi. It's just good practice.

Re:no differentiation- regular or intermittent?

[hairykrishna]

I agree. I occasionally use open wireless (thank you linksys) when I'm out and about with my Nokia 770 to check email and similar. I see no problem with this - I'm not impacting anyones internet use and I'm not pulling down enough to fuck with their monthly cap. People raping their neighbors pipe with aggressive bittorrent use are in a different category. Even if their neighbor should lock down their damn connection.

Re:no differentiation- regular or intermittent?

[STrinity]

And the comments about identity theft are ridiculous, as most sensible people adjust their browsing/net use when using unknown networks to reflect their uncertainty in its security.

My neighbors don't when they use my router. Bwa ha ha ha ha ha ha ha ha ha ha ha ha ha!!!!!!!!!!!!!!!!

Love,
Deborah Chen, SSN 045-44-7543, VA DL C4874928835y
7843 Castle Drive, Manassas, VA 22110

Re:no differentiation- regular or intermittent?

[FunkSoulBrother]

Is this really that terrible? What online bank isn't using https and killing the session as soon as the browser is closed.

Hell, even if the next person does see your bank balance is $2,762.10, what are they really going to be able to accomplish with that?

Ideally, no one really cares.

[EricR86]

But if they start borrowing and eating your already limited bandwidth and start choking your connection. Then just use some form of encryption and be done with it (AES).

It doesn't really matter whether or not it's illegal, they put themselves at risk if they transmit wireless on an unencrypted connection

I do, because Sympatico SUCKS.

[Ralph+Spoilsport]

I use sympatico DSL, and its so unreliable and badly throttled, that at least half the time I don't bother and leech off my neighbour who has wireless hooked up to her cable modem. It's actually FASTER for me to get data at 50% strength on wireless from the lady downstairs than it is for me to ethernet directly to my DSL modem. Pathetic. I'm moving in a few months and CANNOT WAIT to ditch sympatico.

RS

Re:I do, because Sympatico SUCKS.

[Chris+Mattern]

Um, if the cable service is so much better, why don't you get it yourself? I can't believe the cable company told you, "No, that's one floor further up, we don't run coax up there."

Re:I do, because Sympatico SUCKS.

Um, if Sympatico are so bad, why don't you switch to the ISP your neighbour is using? Most of the time when people complain about their ISP, it's because there aren't any other options in their area. Clearly that isn't the case for you.

Re:I do, because Sympatico SUCKS.

[Ralph+Spoilsport]

Because I have a 1 year contract that's up in July. As I said: I'm moving house, so in June, so as soon as we move, it'll be bye bye Sympatico.

cheers.

RS

Higher figure?

[phoenix_nz]

I have my doubts that more people 'borrow' Wi-Fi access. But as I couldn't find a link to the actual study, this is hard to confirm.
Personally I would guess that the result is much lower than in the study. None of my acquaintances have ever piggy-backed wi-fi, and that includes cosc (Computer Science) students, software engineers in the industry and of course plenty of people that know nothing about computers. At the same time only one person I know encrypts any hard-drive data (no not me).

I don't see why piggy-backing wi-fi is illegal, after all if someone leaves their gate open, they shouldn't be surprised if someone else walks through. (Note: If you misuse the network to steal data of your host, the stealing should obviously still be illegal)

Re:Higher figure?

[s0litaire]

So phoenix_nz If you left your car unlocked you would not mind if I used it to race down the local strip mall? Also none of your friends have "Admitted" to piggy-backing a Wi-Fi signal, since it is illegal and probably a reason to get kicked out of Uni/College/School/Job whatever..

Re:Higher figure?

[wattrlz]

... If you misuse the network to steal data of your host, the stealing should obviously still be illegal Yeah, but how are you going to enforce that? Easier to just pass a blanket, "No Trespassing" law and be done with it.

Re:Higher figure?

[plague3106]

Trespass is trespass, whether the gate is open or not.

Re:Higher figure?

[sm62704]

IINM (and iANAL) in Illinois you must have a "no trespassing" sign posted before you can prosecute someone for tresspass.

If you set your wifi up unsecured, there's no "no tresspassing" sign.

Re:Higher figure?

If the gate is open, AND there is a sign next to the gate saying:

"Please use this gate and come in, in fact here is your own ID badge showing that you are authorized to be here, the ID is valid for the next 72 hours.
Use these directions to to find your way around."

Then it isn't trespass.

Re:Higher figure?

Come on, a 5-digit UID and you still Fail?

I would expect better understanding of the situation from someone of your caliber.

They didn't leave their gate open. The gate is closed. However, they have a "gate-keeper", which they have instructed grant access to anyone who asks.

Not only does that gatekeeper allow everyone access, it also gives them an assigned number so that they can have all the same rights and access as the owners of the system.

I hate analogies, but you people always seem to get them wrong. Additionally, in order to be guilty of "computer trespass", you must bypass some type of security. How is it trespass, when you have asked for and specifically been granted access by the security mechanism?

I'm so sick of seeing all you morons FAIL!

Re:Higher figure?

[Trespass]

Trespass is trespass, whether the gate is open or not. Damn right he is.

Re:Higher figure?

[jdgeorge]

Trespass is trespass, whether the gate is open or not. That sounds clever, but simplistic and inapplicable.

In the case of unsecured wireless access, an unsophisticated user has no way of knowing that there is a "gate" at all. The "gate" you allude to is, from a user's perspective, frequently placed inside the comfort of your hypothetical trespasser's physical home, behind his locked door. The usecured wifi radio signal could be reasonably construed as an invitation, or even an intrusion by the person receiving a signal which may be degrading the performance of his own wifi radio signal.

Re:Higher figure?

[SatanicPuppy]

Blah blah blah. If I go down town for lunch with my laptop, and I open it up and see that there are a dozen available wireless connections, am I forbidden from using them. How about if I know that most of the downtown restaurants offer free wireless?

This is the case where I live, but it ain't all that savvy a town, so a lot of the points aren't well labeled. I can guess that the strongest wireless signal is from the restaurant I'm in, but it could be from one of the dozen loft apartments on the second floor of the building, or it could be from a restaurant across the street.

Am I supposed to not use the internet because I can't tell where the hell the signal is coming from, when I know that at least some of the signals are open on purpose?

This is the kind of crap that people like you want to stick the rest of us with. Open up your laptop, get signal, and then have to wander around trying to find out where the hell its coming from and if it's okay to use! Jesus, it'd be easier if they just provided ethernet cables.

The burden of security HAS to be on the provider of the service. Otherwise the whole system is worthless.

Re:Higher figure?

[swillden]

Trespass is trespass, whether the gate is open or not.

And if the gate has a big flashing neon sign, calling everyone's attention (SSID beacon), and a guy standing at the gate handing out free passes (IP addresses) and instructions on how to use the services provided inside (gateweay address, etc.)? Is that trespassing?

Re:Higher figure?

[Deadstick]

I have my doubts that more people 'borrow' Wi-Fi access.

Try a little packet sniffing in a large apartment complex sometime.

I don't see why piggy-backing wi-fi is illegal

#include "IANAL.h"

Because your contract with your ISP probably says so. If you the WAP owner know about it, you're in breach of contract; if you don't, the piggybacker is violating criminal law.

after all if someone leaves their gate open, they shouldn't be surprised if someone else walks through.

And "someone" shouldn't be surprised when they get arrested.

rj

Re:Higher figure?

[phoenix_nz]

If you took my car to race down the local strip mall, I couldn't use it anymore, that's a bit different to you sharing my connection.

I'm not sure what kind of friends you have, but mine also tell me about their taking trains without paying for the ticket/drug usage/other crimes. After all they are my friends, and they can trust me not to rat on them anytime soon.

Re:Higher figure?

No, but what if the gate has a recording blaring out "Hey, looking for someplace to go? I'm here!", then when you walk up to it you ask "Can I come in?", and a computer running the gate answers "Sure, come on in!" and opens the gate for you?

Would it be trespassing to walk through in this case?

Re:Higher figure?

[plague3106]

If there's any doubt, you assume it's private and stay off. Just because you don't see a no trespass sign doesn't mean there isn't one.

The wireless signal can no more be construed as an inventation anymore than my cordless phone's wireless signal. You're not allowed to use someone else's cordless phone to make a phone call. In some places, you can LISTEN to the signal, but not USE it.

So I think it's fair to use the exact same rules for WiFi. You can listen to someone's signal all you want, but you can't USE it to make check email any more than you'd be allowed to make a phone call from someone's base station.

Re:Higher figure?

[plague3106]

Read up on laws regarding cordless phones; an unencrypted cordless phone cannot be used to make phone calls.

Address handouts are there to make it easier to manage the network, not to be confused with permission to use the network. The SSID is required to make wireless work, so arguing it's being broadcast is an inventation to use the network is stupid. You can detect my cordless phone signal; that doesn't mean you can use my base station to make phone calls.

Re:Higher figure?

useless analogies are useless, whether written down or not.

Re:Higher figure?

You young whipper-snappers! Get your EM radiation off my lawn!

Re:Higher figure?

[swillden]

I don't care to look it up, but at least one US federal district court has disagreed with you, establishing the standard that the WiFi operator must make some effort to indicate that the service is not for public use. The best way to do that is to use WEP or WPA, but even hiding the SSID is probably sufficient.

Re:Higher figure?

[dwater]

but what do more sociable people do - ie people who *want to* (or even just 'don't mind') sharing?

Re:Higher figure?

[stewbacca]

The gate is a flawed analogy. Saying it is ok to piggy-back, as long as you don't steal or do illegal things is not flawed, and probably would survive legal muster.

WTF?

[glwtta]

Where exactly is this "considered an illegal act"?

How the hell do you "consider" something to be illegal? It either is, or isn't.

How the hell is 12% a "sizeable percentage"?

Someone's really trying hard to make an article out of nothing.

Re:WTF?

Uh, by considered I believe they do mean it is illegal. And it's illegal in the US without specific consent from the network owner. Accessing a wireless network you're not authorized to be on is considered a felony terrorist act, punishable by 30 years in prison. (Even though it should be just a misdemeanor B&E at best if you do no damage.)

Re:WTF?

[faclonX]

In Canada from what I've read and interpreted from the Laws regarding it, it is called "Theft of a Wireless Communications Signal" or something along those lines. Its punished the same way as people who stupidly put up antennas and broadcast shit over registered radio bands and then claim they didn't know. Truthfully, I use open wireless occasionally, but I use it to quickly check email or other low bandwidth things, which I tunnel through a secured VPN to my personal network, as well, I have the endpoint set to re-direct all traffic over the VPN. Now I just need to find my tinfoil hat so they can't read my brainwaves.

Re:WTF?

[SirGarlon]

How the hell do you "consider" something to be illegal? It either is, or isn't.

It must be kind of like skateboarding.

But seriously, it's a question of whether existing laws can be {twisted, interpreted} to apply to an {arbitrary, unforeseen} situation. That is, it depends on the state courts. What laws the DA tries to apply, depends on his {whim, professional judgment}.

IANAL and all that.

Re:WTF?

[BrotherBeal]

Someone's really trying hard to make an article out of nothing. Just wait a while and the editors will make two.

Re:WTF?

[pjt33]

How the hell do you "consider" something to be illegal? It either is, or isn't. Ask a top lawyer whether it's legal. The answer you get will almost certainly not be a straight yes or no, because in the absence of legislation which specifically addresses the issue it's up to judges to construe the application of existing legislation which broadly addresses the issue.

Re:WTF?

[TheWoozle]

How the hell do you "consider" something to be illegal? It either is, or isn't. Actually, the American legal system doesn't quite work that way. There are many, many "grey areas" where a person might be charged with a violation and yet be cleared of wrongdoing in court. Few laws are written without the need for interpretation, and none should be.

Re:WTF?

[businessnerd]

Someone's really trying hard to make an article out of nothing.

Well it was a study done by Accenture, a consulting company. Not only are they trying to make an article out of nothing, but they are probably also trying to sell an expensive solution for a problem that doesn't exist. I should know, I work for a competing consulting company.

Re:WTF?

[Actually,+I+do+RTFA]

Where exactly is this "considered an illegal act"?

I believe Maryland made it explictly illegal recently.

How the hell do you "consider" something to be illegal? It either is, or isn't.

Because the law is rarely (see Maryland counterexample above) explicit in "no leeching wifi". But other laws (e.g. listening in to EM transmissions) may apply. There are legal arguements both ways, and the courts will have to rule. Law has a lot of murkiness.

How the hell is 12% a "sizeable percentage"?

Well, "sizeable percentage" != "majority". For instance, 12% of the population being infected with AIDS would be a "sizeable percentage" Depends on what you are measuring.

Re:WTF?

I would also be very curious how the question was phrased. Yes, I connected to a neighbor's WiFi before, but that was over 5 years ago.

Was this survey asking if you currently "borrow" access (within the last month), or if I have ever done so?

Re:WTF?

[Mr.+Beatdown]

How is 12% a sizable percentage? Consider if 12% of the population admitted to committing a kidnapping at least once in their life. For some things 12% can be very significant, for "stealing" Wi-Fi, I don't think anyone's going to get too worried.

And, not to be redundant, but the law hasn't really said much about whether using an unsecured Wi-Fi access point represents a theft of services, though the groupthink (or consensus, if you prefer) on Slashdot has determined that it is the equivalent of visiting an unsecured web site.

Re:WTF?

[fishbowl]

>How the hell do you "consider" something to be illegal? It either is, or isn't.

There are plenty of things that can be acceptable in some context, but can be actionable for civil damages in some other context.

There are also different things that are illegal in very different ways. For example, walking across a street against the light, is illegal. Walking across the street against the light with a pound of heroin in your knapsack is also illegal. Shooting somebody in the crosswalk is illegal.

The idea that all these "illegal" things are equivalent or even comparable, is a problem from the start.

The question is not "is it illegal for you to use my wi-fi router?" The question is, "if you do some tangible damage to me while using my wi-fi router, does the law preclude me from seeking compensation for those damages?"

Re:WTF?

Actually, the law *is* subject to interpretation.

In other news...

[wik]

Zonk doesn't read past the headline.

Go Statistics!!!! Yeahh!!!

[PYRILAMPES]

So 96 people, some in the US and some in the UK accessed unsecured wireless for an indeterminable amount of time from an unnamed source. New study just out! 100% of landline phone customers have service with companies that allow random strangers to access their phone records! How many of the 12% accessed the service accidentally? At coffee shops? Mcdonalds? Nice contrite study results. Not much reference data... 800? How many in the US?.. Plus if they were random, how many were on the no call list?

Sociological breakthrough!

[Thanshin]

People actually share free things.

Collectively we're quite evil, but when it comes to free things, we can make the superhuman effort of sharing them.

However, this usually only works when it takes more effort to avoid sharing them.

Check for your natural sharing instincts in this situations:

You have to take out the garbage. You'd rather:

A. Take the garbage out yourself.
B. Share the garbage with the neighbor.
C. Pull out your own eyeballs with a rusty wooden sock.

You have to set up your network. You'd rather:

A. Configure it securely with a complex password you'll have to remember.
B. Not give a shit. At all. Not even to understand what a network is.
C. Cowboy Neal.

Re:Sociological breakthrough!

[sm62704]

C. Pull out your own eyeballs with a rusty wooden sock.

Just because of that unpleasant image, I'm going to have to subject you to a Vitrectomy. ;)

C. Cowboy Neal.

You win, I got nothin' worse than that.

Collectively we're quite evil, but when it comes to free things, we can make the superhuman effort of sharing them.

Even when it comes to non-free things. All those MP3s on the P2P networks were originally ripped from CDs that were purchased for cash. All the items at a charity food pantry were bought with real money. Cash goes into the church collection plates and Salvation Army buckets.

Some people are self-serving, money-grubbing, stingy bastards, and the rest of us are quite generous.

Re:Sociological breakthrough!

[Thanshin]

Even when it comes to non-free things. All those MP3s on the P2P networks were originally ripped from CDs that were purchased for cash. All the items at a charity food pantry were bought with real money. Cash goes into the church collection plates and Salvation Army buckets. Buying an object with money doesn't make sharing it non-free. I may buy a cd because I like it, and then share it because it's free for me to do so.

I may buy pants, because the judge told me so, and then give to charity later, if I would throw them away otherwise (if they have 0 value for me for any reason).

Not surprised

[GameboyRMH]

I have a Speedstream 6-series-something (6200?) router, and it has this problem where if you disable the wireless, you have to do a hard reset to enable it again. Long story short I was running an open wireless network for a while, and there was never less than two leechers on the network, in a well-spaced neighborhood full of old people in a third world country. I'd hate to see what would happen to an open wireless network in a crowded metropolis.

Other interesting fact: Me and a friend were wardriving with just a regular laptop, no special antennae, speeding down the highway, and we picked up a LOT of networks, often with a good signal. Some of these were in places with no buildings in sight. When I get a working laptop again I plan to implement a setup that leeches off open networks as I drive (mainly for a Google Earth-based navigation system, anything sensitive will either have to be encrypted or left out), and I have no doubt it will work nicely.

Re:Not surprised

It won't work; the connecting and DHCP takes too much time, you occasionally get 5-second bursts of connection... Wonder why AC? Yeah, I tried it.

The one chance would be a high-gain directional antenna pointing fore-and-aft. That way, you can pick up a station a long way in front of you, connect, transfer data, and lose it when it's way behind you. And you need GPS data so you can actually pick up the farthest AP in front of you, not the strongest signal. If you sorta hand-over-hand down the road with two NICs that way, I think it might work... I don't have the time or cash budget to do that, though.

Same password?

[Sobrique]

Yeah, I use the same password, for all the sites that require that I 'register'. So I use a fairly generic, almost dictionary word, because that way I actually get to _probably_ log into J random nonentity site that I don't give a toss about registering on, next time around.

Stuff I vaguely care about, gets better passwords, and regular changes.

That's not 'insecurity' that's 'too many places insisting on registration'.

MORE than half use the same password...

[rdhatch]

"Nearly half of all respondents said that they used the same password for all of their online accounts..." I have statistical evidence (sample size of a little over 5000) that proves that says that the percentage is MUCH higher...more like 80-85%. We talk all the time about privacy, net security, identity theft, etc., but this something that is VERY often overlooked. There are many LAMP projects out there (mostly put together by high schoolers or ambitious university freshmen) that collect an email and a password for their own user authentication and then don't encrypt their users' passwords in database. Dishonest 15 year-old admin + one select query on his own database and then approx 80% of the time you have access to the users' email account. From there, the sky's the limit. Online banking, university login accounts, etc. Troubling to say the least. We need a LOT more education of stupid kids that don't know how to encrypt passwords safely in their DB. Furthermore, we need to remember good old fashion ethics in this stuff.

Re:MORE than half use the same password...

[maxume]

Unfortunately, explaining or presenting a decent set of ethics does very little to actually instill those ethics.

But you get permission every time

It always seemed odd to me that this was illegal, when in reality you are asking for and getting permission. That is, as everyone here would know, your laptop (for example) has to ask the wireless router for permission to connect. The router then grants permission and allocates an IP, all within its normal operating process (i.e., no trickery or hacking involved). It is not a passive process, like, say, entering an unlocked home, in which the house is passively exploited.

Re:But you get permission every time

Oh please. Saying the router grants you permission to connect is like saying my unlocked door grants you permission to enter my house. Both my door and my router have the same right to give away something I pay for - none at all.

The point is the law doesn't exist to protect routers is exists to protect the people who own the routers. Logging onto an unsecured network is every bit as passive as entering an unlocked house, because their is no human giving you permission in either case.

Maybe in the far future if routers are sentient and recognized under the law as having rights, you may have a point. But not today.

Re:But you get permission every time

[gurps_npc]

Bullcrap.

The point you are missing is that it is NOT at ALL like entering an unlocked house.

It is like entering an unlocked BUILDING.

When you see an wifi connection, all you have is a name. You DON'T know if it is someone's house, a bank, or a bus stop, or a church.

CHARITIES EXIST. There are places that legally leave open a wifi connection for anyone to use. Similarly, Churches exist. They open there doors to everyone.

It is NO more wrong to enter an open wifi connection and use it, then it is to step out of the rain into an open building.

It is the responisbility of the OWNER of the building/wifi to lock the doors/connection if they don't want people to use it.

This way it lets the wonderful people offering free access (like say the co-op where I buy my food has an open wifi connection, or the church across the street) do so without hinderance.

You want privacy, you have an ISP contract that prevents other people from using your wifi? Fine it is YOUR responsibility to protect it, not ours.

The charities have the right not to be forced to go to ridiculous lengths to tell people that 'yes it is OK to use us'. Similarly innocent people have the RIGHT to assume it is a charity if you are so moronic as to not even put a lock on the door or ANY sign at all that it is not a charitable free wifi.

Re:But you get permission every time

[Nafai7]

how is entering your house or utilizing bandwidth "giving away something something you pay for"?

explain what you no longer possess just by the mere fact of using your bandwidth?

this is such a ridiculous assertion, I suspect you may just be a troll

Re:But you get permission every time

explain what you no longer possess just by the mere fact of using your bandwidth? My ISP charges me more if I go over a monthly bandwidth limit. That's how.

Seriously, you couldn't think up that very obvious answer by yourself?

Re:But you get permission every time

When you see an wifi connection, all you have is a name. You DON'T know if it is someone's house, a bank, or a bus stop, or a church. Being ignorant of whose wifi connection you are using is not a defense at all! Sure it could be a charity connection, in the same sense that the bike on the street in front of my house could have been left there for anyone to use. However you don't automatically get to use something because there's a chance you might be allowed to. That's absurd.

Similarly your assertion that it is a building owners responsibility to secure his doors or allow anyone inside is also ridiculous. You simply can't enter random unlocked buildings and be certain you are not breaking the law! It's nice to be able to get out of the rain by entering an unsecured building, but that doesn't neccesarily give you the right to!

I'll carry on your building analogy to it's logical conclusion. If you enter an unlocked building and the owner doesn't mind, no harm done. If you enter an unlocked building and the owner does mind, he/she can call the cops and you will be charged. You think the owner of a church or chairity doesn't have the right to kick you out (and call the cops if you refuse)? Of course they do. Likewise if you use an unsecured internet connection and the owner doesn't mind, no harm done. If the owner does mind however, and finds out, they can call the cops and report you. Saying that the connection was open so obviously you weren't doing anything wrong will not go over well with a cop or a judge, nor can you expect that such a defence would.

Finally your assertion that a chairity would have to go to "ridiculous lengths" to notify people that their wifi connection is free for any to use is crazy. How about naming the connection "open4all" or something else obvious? That way people connecting could be relatively certain they are not using the connection of someone that would mind. On the other hand if you go connecting to any open connection labelled "linksys" at will, be prepared that you may have to face some consequences.

Re:But you get permission every time

[mollymoo]

If there isn't a sign on a building that says it's a church, business or other building which welcomes people in off the street you have absolutely no right to assume it is. All the free, open access points I've seen have had the name of the establishment or something making clear it's free as the SSID, like "SamsCafe" or "FreeBarWiFi".

Re:But you get permission every time

[Fnord666]

... had the name of the establishment or something making clear it's free as the SSID, like "SamsCafe" or "FreeBarWiFi".

Unless you are at their corporate headquarters, the SSID of "Linksys" doesn't count.

Re:But you get permission every time

[ceoyoyo]

So last week when I walked into a shop and the shopkeeper was in the back, I was committing a crime until he came out to the front and saw me?

Re:But you get permission every time

An unsecured wifi connection is not a shop. You can reasonably assume that the owner of a shop has no problem with you being on his property when his shop is open for business. The shop will have signs, advertised business hours, etc, all right there on the front door for any and all to see. The shopowner went to the trouble to specically advertise that fact that you can enter. As such it is almost always entirely unambiguous as to when you can and can't enter a shop. The same cannot be said for any random default "linksys" network.

A better analogy is that you entered an unmarked building when you couldnt see anyone inside. Maybe the owner doesnt mind you being there, maybe they do. Who knows. But if the owner does have a problem with you being on their property, they have every right to call the cops and have you charged with a crime. "I didn't know it would be a problem" is not a defence.

Re:But you get permission every time

[PhotoJim]

+1 insightful. This is a really interesting point. I'd love to see this brought up in a court of law. I agree with you that using "borrowed" WiFi is not at all passive. Slightly tangentially, my personal opinion has always been that you are using the public airwaves with your access point, and that it is up to you to protect the broadcast. If you use an analog cordless phone, I am free to listen to your conversations because they are unencrypted. It is another matter entirely for me to decrypt encrypted traffic, whether it be voice or data.

Re:But you get permission every time

[ceoyoyo]

An (unnecessary) beacon advertising its presence would seem to be a good analog to a sign on a shop.

Around here if a piece of land doesn't have an obvious no trespassing sign on it, you are NOT trespassing unless someone comes along to tell you to leave. You don't have to go look up a land title to see if it's crown land or not every time you go for a walk.

Even though you're arguing as if it's an absolute, the issue comes down to tradition and custom. It's very unfortunate that in some places it seems to be becoming custom to criminalize innocent activities.

Re:But you get permission every time

[gurps_npc]

Bus stops do not always have signs, beyond advertisements that do not in any way indicate that it is a bus stop. Samscafe does NOT in any way indicate it is'free'. How am I to know that Samscafe is a free wifi, but that CharliesPlace is not?

In fact, the Bus stop is the BEST example I have thought of.

1. The absence of a password is equievelent to the absence of a WALL. I mean, cripes, you could at least put up a password of 123456.

2. I am talking about using the wifi to get to the internet, not into someone's files, so it is in effect a transportation network entree point, just like a bus stop.

People need to take PERSONAL responsibility for their actions, not blame others for their total inability to do simple, basic precautions that any 5 year old knows to do. This is not something that requires technical skill at all, it is simply putting a PASSWORD on your system.

Re:But you get permission every time

[mollymoo]

Have you ever actually seen anything which isn't a bus stop, but which looks just like a bus stop? Anyway, SamsCafe doesn't indicate that it's free and I never said that it did. You have to get that information from elsewhere, but if you're in Sam's Cafe and they have a sign saying "free wireless internet access for customers" then you're pretty safe connecting to SamsCafe. If you're in Bob's Cafe down the road then you probably aren't OK connecting to SamsCafe, just as you're not OK parking in the car park for Sam's Hardware if you're shopping at Bob's Supermarket down the road.

You are responsible for your actions when choosing to connect to a network which you do not know you are authorised to connect to. Take responsibility for finding out which you are allowed to connect to. Aww, that takes some effort on your part. Well boo fucking hoo. Take some PERSONAL responsibility for you actions.

and this is a problem because?

[archkittens]

if you dont want your community to use your wireless, but you want the ease of unsecured access, use mac address filtering on your wireless router. most all 802.11b/g/n integrated service routers come with that feature in an easy to use package. if you CBA to keep people off your network, it WILL be used.

it makes it a bit harder to add devices to the network, but once again, tis still easy.

i keep mine unsecured simply so that if there is ever a disaster in the area, the cisco NERV (i got to tour it the other day, was awesome) can override it and add it to the disaster mesh. i think of it as community service.

http://blogs.cisco.com/news/2007/11/video_ciscos_network_emergency.html

Warned my neighbour

[scsirob]

I came across an unsecured network with strong signal a while ago. Turned out to be someone across the street. They had 4 Windows systems attached, with C: drives shared, unprotected. I also found a shared printer on their network.

I warned them by printing a page on that shared printer, identifying myself and describing the problem. Next day the access point was secure..

Re:Warned my neighbour

[superdana]

I had to do something similar when some moron attached his WAP to the apartment Ethernet network backwards. He'd connected the wall jack to one the LAN ports on his WAP, and was serving DHCP to the entire complex--thereby shutting down the entire network. Naturally he hadn't changed his admin password, so I logged in to the web interface and changed the name of his network to "please call xxx-xxxx." A few minutes later the phone rings, and a few minutes after *that*, we had a working network again. (And he had a new admin password.)

Re:Warned my neighbour

I warned someone in my college dorm this way too, only it involved a 500 page document of "Hidey Ho Neighbor!"

Re:Warned my neighbour

man oh man could you have had some fun. YOU KNOW WHO THE GUY IS AND CAN PRINT FROM HIS PRINTER!! You should have written some business correspondence (make sure it includes his full name and address!) and "faxed" it to his printer as a practical joke, with a reply fax and e-mail address. chances are he would have replied by e-mail, but don't reply back by e-mail, oh, no, continue to "fax" him thru his printer. oh man that would have been great.

Re:Warned my neighbour

[CODiNE]

I had that exact same experience a few years ago... except it was a bank... and I didn't tell them who I was.

Re:Warned my neighbour

[Craig+Ringer]

These people usually also have a default admin password in the router that's trivially guessed.

From the router's PPPoE configuration you can get their ISP username (usually in user@domain form).

From there, you can politely email them and inform them that their system is wide open to the world, and cc their ISP's support address on the remote chance they care. There's need to mention how you know their email address, just in case.

I recently did just that for a company that had their wifi network wide open ... right across from a foodhall near a university. Ouch. It was presumably the work of a cut-rate "consultant" ... the ESSID had been set to the business name, but the default password was still in place and there was no WEP/WPA.

It's a great deal nicer than generating phantom print jobs.

Sure, some people choose to keep their wifi networks open, but they're usually clearly identified as such and don't have machines, printers, etc on the internal network visible to the public.

I think running an open wifi network is crazy anyway. The backwards legal situation around such networks means that in many countries it's your job to prove you *weren't* the person doing something illegal on your 'net connection. ISP contracts also often have terms along the lines of "you take responsibility for what others do using your connection". Not worth the risk IMO unless you want to be the latest important test case. That's one of the reasons I make a point of trying to warn people with open networks... because I know people who've landed up in trouble for things others did with their computers and networks, and I don't want to see it happen to more people unnecessarily.

Re:Warned my neighbour

Hope you downloaded their mp3 and porn collection before that?

Re:Warned my neighbour

[TogusaS9]

These people usually also have a default admin password in the router that's trivially guessed. No kidding. A quick Google search will turn up a list of default SSIDs and admin usernames and passwords for almost every brand of router on the market.

Re:Warned my neighbour

[piltdownman84]

When I was in first year, we use to find find computers on the dorm network with their C: drive shared. We use to put hundreds of copies of this video of a girl, a dog and some peanut butter everywhere. People never learned. We use to do it to this one machine every week for months on end.

doing so right now

in chengdu, china. wep key: "apple"

Same password = throwaway stuff

[fotbr]

I'm guilty of using the same password on a lot things online. Several forums, throwaway email addresses, "register to read the rest of this article" news sites, etc. Basically, the stuff I don't really care about, and I don't give two hoots if it gets h4x0r3d.

I don't particularly see that as an "unsafe" practice, since none of it really matters.

Things I actually care about (personal email, anything work related, etc) get real passwords, and things that can really cause problems (banking, etc) don't get done via the internet at all.

Re:Same password = throwaway stuff

Things I actually care about (personal email, anything work related, etc) get real passwords, and things that can really cause problems (banking, etc) don't get done via the internet at all. You're also guilty of being a retard. OMG your banking information is so important I'm going to snoop in and break your SSL session just to get to your checking account. Get real, loser, know one gives a flying fuck about you.

Re:Same password = throwaway stuff

[fotbr]

Oh, I know I'm not any real target. But why even have it out there when the bank I use is a 10 minute walk from my house?

Nice try trolling though.

User beware

[headhot]

IF its open I use it. If you don't want me to use it put a password on it.

When I set up my WiFi I know full well that if there isn't a password, other people will use it.

I lived in a large apartnemt complex that was mostly college students. I could see about 20 open wi-fi systems.

Frequently they would be unprotected and often they were stepping on my frequencies. I did them the favor of configuring, changing the channel and passwording the systems for them.

IShareWiFi

I share my WiFi with anyone within range. It hasn't been a problem, I'm happy if a neighbor can make use of it.

In an apartment.

[WaltherPPK]

Living in an apartment, I was actually surprised with the opposite. It appears that there are 20 or so wireless networks with good signal strength in range, and I am in a corner of the building. However, there is not a single network that isn't using some form of encryption. I don't know if this is typical, but all the supposed luddites living in this building (a combination of college/university age couples and 50+ year old singles) have obviously figured their wireless routers out.

The other premise upon which people base a lot of paranoia regarding network and personal computer security is the assumption that they possess something worth stealing. There are many effective credit card fraud methods in use that don't require any sort of computer exploitation, but rather involve "social engineering." What other information does the average person have on his PC that is of value? Of course I would be disturbed if somebody managed to obtain my entire photograph library, but that is of so little value to somebody else, I doubt very much that any significant effort would be put towards obtaining it.

Re:In an apartment.

[Zelos]

Same here (terraced house in a small city in the UK), I can see 11 networks from my office and they're all encrypted.

Considering how close I've been to my ISP bandwidth cap this month, I'd be seriously pissed off if someone used my connection without permission.

Re:In an apartment.

[redcircle]

If you go and buy a wireless router these days WEP/WPA is enabled by default. 2wire DSL modems that AT&T that has a built in WRT comes default with encryption. Most people probably don't even know they have wireless. Example. My dad has had att dsl for 2 years now with the 2wire modem. I set it up for him. This past weekend I'm showing him my itouch and he wants to know how it gets on the internet. I told him with his wireless connection. He hadn't a clue that he had it.

Re:In an apartment.

[friedmud]

Pretty much the same in my apartment here. I can see 13 access points... and only one of them is named "linksys" and unencrypted...

People seem to have figured it out.

Friedmud

Re:In an apartment.

"Of course I would be disturbed if somebody managed to obtain my entire photograph library, but that is of so little value to somebody else, I doubt very much that any significant effort would be put towards obtaining it."

Depends...

Man:
Is your uh, is your wife interested in... photography, ay? 'Photographs, ay', he asked him knowlingly?

Squire:
Photography?

Man:
Snap snap, grin grin, wink wink, nudge nudge, say no more?

Squire:
Holiday snaps, eh?

Man:
They could be, they could be taken on holiday.
Candid, you know, CANDID photography?

Re:In an apartment.

Yes. I think your results are close to typical. I live in a large condo complex and have about 18 wifi spots that show up. Only 2-3 are unencrypted 'linksys' routers... luckily that's enough so that I haven't paid for the tubes in over 2 years :)

Re:In an apartment.

"a combination of college/university age couples and 50+ year old singles"

You appear to be living in a building full of normal college students and slashdotters.

No open networks around me

[JimCDiver]

In my neighborhood I can see 8 access points. Every one of them encrypted. Granted 6 of them use WEP...

iPod touch

[QBasicer]

I keep my ipod touch's wireless on, and not only on, but to auto-associate with any open wireless it finds. I do this for a couple reasons. 1) My last fm song information can get scrobbled as I walk around. 2) I can get my mail delivered to me away from my home/work computer. Since all my mail is ssl, it's not a big deal. And who cares about my lastfm account information. I've thought about many times creating a public wifi hotspot around my house that limits connections to http only, although I'm not sure how that opens me up in the legal sense. It's bad when you're trying to be honest and help people and you get burned.

Comment removed

[account_deleted]

Comment removed based on user account deletion

I'm doing it right now

[macdaddy]

I'm borrowing my new neighbor's wifi to post from my new house. Unfortunately my ISP hasn't yet gotten my Internet to work. Oh wait, I am the ISP! My bad.

For fun

[scubamage]

For fun, go to a local mall and turn on a wifi sniffer of your choice. Our local podunk mall had no less than 30 unsecured wireless networks, almost all for stores which held servers with financial data. And thats what I found with a smartphone using totalcommander and wififofum.

Re:For fun

[rrkap]

It's funny, when I moved to my new apartment complex I could see about 40 wireless networks and every one of them was secure. I think that secure networks are becoming more common as the cable and DSL modems with built in wireless access that they provide come secure by default.

Re:For fun

[LMariachi]

Around here all the encrypted-by-default APs the cable company (or whoever) doles out shit all over channels 1, 6, & 11 and interfere with my neighbors' intentionally open APs. I'm sure most of these people don't even know they have wireless. So much for that.

Nearly half of all respondents said that they used

[sm62704]

Nearly half of all respondents said that they used the same password for all of their online accounts

Like newspaper registrations? Rather than bother with bugmenot, I just register using bogus data. My password is 111111. Because I really don't give a shit about a newspaper registration. It has nothing whatever to do with security. The Chicago Tribune has no CC#s, SS#s or any other real, personally identifiable information about me; I don't even know why they bother.

Yet this is somehow deemed a "Security risk." And I don't send encrypted data; if it's sensitive information I'll send it snail mail.

heh

[Jaysyn]

Yeah, my neighbors just got a laptop & have been using my Wi-Fi from their front porch. We're good friends so it doesn't bother me. I'm pretty surprised it can reach them being 802.11b & over 300 feet away. Not too big of a deal as no one else lives within at least 1000 feet of my router. If I lived in the city I'd have that shit locked down tight.

how many custmers bothered by "Unsecured Wi-Fi"

[cyfer2000]

Like me, when I am working in my bedroom, I must check if I am connected to my neighbor's wireless network, because his network is way slower than mine.

Convenient

[leighton]

My own access point is secured, but I do use unsecured ones from time to time (there are a few in my neighborhood). It's an advantage when I'm having problems with my own wifi--I can check to see if other connections in the neighborhood are working (if not, it's probably a problem with the cable company) and I can access the internet to look up troubleshooting information, etc. All of that is much quicker than calling Comcast.

I don't do anything *important* while I'm using someone else's wifi, but it is convenient.

And I don't encrypt anything on my home hard drive. Frankly, I don't think I have any files that are that important. I do encrypt many of my work files, but that's because they include medical data....

The word "consumer"

[QuoteMstr]

I've always found the word "consumer" to have a sinister connotation. It implies hierarchy and control, and implies that there are people in society who do, and then there are those who just receive. It's offensive.

Dammit, we're "citizens", "people", "internet users", and a million other terms. I never want to be called a "consumer".

Re:The word "consumer"

I'm with you.

Yeah, sounds like fun

[Burz]

The Upside-Down-Ternet (*evil grin*)

not suprising

reminds me of a comment my roommate's sister made. She came to stay over in our apartment building and was shocked to find that she could log into this linksys network. "It must be huge! I can log into it everywhere i go!"

I say THANK YOU...

[Tortooga]

I would like to start by saying thank you to "Ryan" who has been broadcasting his SSID and glorious wi-fi to me at a my home. I do not have any internet access - well, that *I* pay for. And this seemed like a good time to thank "Ryan" - at least I am assuming his name is Ryan, as that is the SSID. You're the best! See, now it's not stealing, I said "thanks" so I am assuming it's a gift. I mean - it WAS put into my home w/o me asking for it...

and why not?

[DragonTHC]

if it's unsecured, that means either two things, the owner intended it to be used, or the owner is blatantly oblivious to security and the notion that you have to turn it on.
if the oblivious owner had intended to deny access, he would have sought a way to do it.
either way, open use is implied.

Re:and why not?

[graphicsguy]

if the oblivious owner had intended to deny access, he would have sought a way to do it. By definition of "oblivious", he doesn't know his network is granting access. Of course, this whole argument would go away if all routers had some form of encryption enabled by default. There are ones that do, so it clearly is not "too hard".

Re:and why not?

[dwater]

it doesn't need encryption specifically; just some username/password - actually, *anything* to give the user some idea it isn't deliberately being offered for free.

Re:and why not?

[graphicsguy]

Agreed!

Even more shocking ...

A startling 99% of people have had a drink from a public water fountain.

End EULAs

[F34nor]

It's my bandwidth, I paid for it, I should be able to do whatever I want with it. Hell if I open my base station to all and some poor person uses it I'd like to be able to take that as a charitable donation as a matter of fact. The real problem here is that the last mile is controlled by a bunch of people that know for a fact that the end of their business model is neigh. Cell phones? Well the advent of WiMax and VoIP means that a great many of them are totally fucked. In fact as a owner of a Nokia e61 with Fring and a Wifi antenna living in a city with MetroFi I can already not use a cell phone a great deal of the time. Peer to peer mobile phones combined with Merkai type mesh base stations could be the beginning of a true free nationwide cloud. Buy alarm lines to your neighbors and run Ethernet over unlit POTS. Run your own fiber from the edge of neighborhood to the next one.
Hell why not go whole hog and make most of the spectrum into one open cloud. Then we use peer to peer mesh handsets, towers and base stations that have wide bandwidth fractal antennas that can use any part of the spectrum. If you want access you give the devices the ability to buy and sell redirection in a free market system. So I have a handset and want a very large file quickly, in my area there is low use and it is two hops to the nearest fiber, My handset negotiates with the people around me to rebroadcast from the fiber to me. I pay them the agreed upon rate for the retransmission. We could wipe away massive amounts of garbage and open up a huge vibrant pervasive ultra high bandwidth world. You can give military, EMS, and aviation fixed spectrum or just make them pay drastically lower rates when needed.
  The current system is being crippled by the fact that it is easier for Verizon to buy a congressman or a local assembly then to fix their business model.

Re:End EULAs

[dtzitz]

Run your own fiber from the edge of neighborhood to the next one. Hell why not go whole hog and make most of the spectrum into one open cloud Wait a minute. I quit an apprenticeship(electrical) because I hate digging ditches. Now you want me to dig ditches and run conduit again(I know you were going to put that fiber in rigid conduit)? Who is going to pay me? What about the equipment? What are you going to do with a very large file on a handset anyway? What can WiMax do that 3g can't? Sounds nice though. Good luck with that.

Re:End EULAs

[F34nor]

1. Use garden hose for conduit and cheap plastic fiber.
2. You get paid by providing network services with the fiber you laid.
3. Watch porn.
4. 3G is licensed spectrum. WiMax is open to all.

Bandwith is not a car

[roggg]

Cars have maintenance costs caused by use. If I use your car when you are not, I am costing you money. If I use your bandwidth when you are not, I cant see how that really affects you in any way. Not saying it's right to do so. Just saying the analogy is flawed.

Re:Bandwith is not a car

[Zelos]

Because many ISPs have usage limits, especially the cheaper options. The kind of non-technical person who doesn't secure their WiFi is quite likely to have a lower usage cap, because they don't use it so much.

Re:Bandwith is not a car

[electrictroy]

It depends:

- If the user is paying a flat rate, then it costs the user nothing, but it does cost the Internet company more money in additional electricity usage.

- If the user is on a "pay as you go" plan, then it obviously will increase the user's monthly bill.

Internet only costs $7 a month.
Go get your own account IMHO.

Re:Bandwith is not a car

[spookymonster]

If I use your bandwidth when you are not, I cant see how that really affects you in any way. And when my ISP cuts off my service because I've used too much bandwidth this month?

And when the government subpoenas me because someone on my account was browsing child porn sites?

And when the RIAA files suit against me for 'making available' copyrighted material (off of your laptop, of course)?

But if those moral blinders are working for you, hey... who am I to disagree?

Re:Bandwith is not a car

[Naughty+Bob]

Internet only costs $7 a month.
Go get your own account IMHO. I leave my wireless open, and use other people's in exchange, because mine doesn't reach very far beyond my home.

And not to be all picky, but your sig seems to advocate a form of stealing deemed much more serious, in cash terms, than the supposed crime in this instance.

Re:Bandwith is not a car

[Belial6]

It is more flawed than that. It is not illegal for people to use the posters car. If a car is parked on the street. You will not be arrested for sitting on it. If you drive off in it, that would be a different story, but it is very clear that unauthorized use of a car is not inherently a crime.

Re:Bandwith is not a car

[Sancho]

More relevant is that a leecher probably doesn't know whether or not someone else is using the bandwidth. The question, "Why can't I use a negligible amount of bandwidth when you're not using it?" is irrelevant if I can't tell whether or not:
a) My bandwidth use is negligible (does the grand parent poster do a speed test and throttle his use accordingly? In my area, we have ultra-cheap 64kpbs "broadband" for people who want an always-on connection that's about the same speed as a phone line.)
b) That I'm not using the Internet at the time that s/he wants to use it?

If the grand parent does neither, then the point is really moot, isn't it?

Re:Bandwith is not a car

Sounds like a great excuse to get rid of ISPs that cap bandwidth usage and the RIAA to me.

Re:Bandwith is not a car

[fishbowl]

>If a car is parked on the street. You will not be arrested for sitting on it.

If you're sitting on my car I'm going to ask you very urgently to stop.
If you do NOT stop, in my locality, I can shoot you dead.

Re:Bandwith is not a car

[DamnStupidElf]

Your argument basically boils down to "Why should I be responsible for owning a crack house if I let anyone who asks come in and use it whenever they want?".

If you're really worried about it, just turn on encryption or mac filtering. Irresponsible people don't deserve special protection merely because of their irresponsibility.

Re:Bandwith is not a car

because someone on my account was browsing child porn sites?

This is typical "think of the children" bullshit. The guy asked "what's wrong with me using a little bit of wireless" and you come back with "because somebody might arrest me for child porn". If he had asked "what's wrong with me browsing child porn on your wireless" then your answer / question would make sense. As it is; it's a total distractor. There is nothing wrong with borrowing a "little" bit of wireless. There is alot wrong with child porn. If you can't tell the difference between internet surfing and child porn then you are a big problem.

Re:Bandwith is not a car

[redxxx]

Uhh... if you leave your router open, bad people can abuse it and can get you in trouble.

That's a good reason for you to lock down your router. It isn't a good reasons for me to not use it to check my e-mail.

Re:Bandwith is not a car

[Warbothong]

If I use your bandwidth when you are not, I cant see how that really affects you in any way. And when my ISP cuts off my service because I've used too much bandwidth this month? Sounds like you need a different ISP. I pay for a connection with a certain amount of bandwidth, and although I get less than the advertised amount due to the laws of Physics (advertised as 24Mb, I only get about 5 or 6 because of my pretty isolated location) that is what I get and use, quite a lot, and even when I'm out some of my neighbours use it. Nobody should put up with a cap, it's false advertising in my opinion.

And when the government subpoenas me because someone on my account was browsing child porn sites? Then they have probable cause for a search, not any kind of evidence. Hey, who knows, maybe a tech-savvy /. reader's logging setup will help catch a paedophile?

And when the RIAA files suit against me for 'making available' copyrighted material (off of your laptop, of course)? Then they have nothing against you, since your laptop does not infringe copyright, and you make a nice sum in damages from your defamation counter claim.

But if those moral blinders are working for you, hey... who am I to disagree? How are those moral blinders?! There is absolutely NO moral issue discussed AT ALL in those points. The entire argument seems to be sorted by one sentence:

"Please stop assuming that just because a lot of other people are the sole users of their Internet subscription then that means that I am."

Sorting out the issues after that explanation have varying time frames though. They range from maybe a month to getting a non-shit ISP, to several decades as the RIAA refuse to believe that someone isn't going to pay them $10,000,000,000 for 2 file names they matched to an IP address.

Re:Bandwith is not a car

[hibji]

And when the RIAA files suit against me for 'making available' copyrighted material (off of your laptop, of course)? Then they have nothing against you, since your laptop does not infringe copyright, and you make a nice sum in damages from your defamation counter claim. I'd just like to point out, that it takes a crapload of money to defend against one of these suits. Just because you're right doesn't mean that you aren't screwed.

Re:Bandwith is not a car

Here in New Zealand, we have data caps. I pay through the nose to be able to download up to 80gb a month. I'd have to pay throug other orifices if I went over that. It is a lot more clear cut as to whether or not using someone elses bandwidth is stealing, over here... as it is in many other countries in which data caps are common.

Re:Bandwith is not a car

[spookymonster]

And when my ISP cuts off my service because I've used too much bandwidth this month? Sounds like you need a different ISP. Why? It fits my needs, not yours. If you start running up my bill, I'm supposed to go in pocket to support your bandwidth addiction?

And when the government subpoenas me because someone on my account was browsing child porn sites? Then they have probable cause for a search, not any kind of evidence. For some things (like child porn), being suspected of the crime is almost as bad as being charged. There was a /. article not too long ago about a tech getting fired and unable to find a new job, even though no evidence to support the charges was ever found.

And when the RIAA files suit against me for 'making available' copyrighted material (off of your laptop, of course)? Then they have nothing against you, since your laptop does not infringe copyright, and you make a nice sum in damages from your defamation counter claim. Does this mean you'll be paying all my legal bills? No? Oh...well, at least, if I do win, I'll make that 'nice sum' you talked about, just like all everyone else who've successfully counter-claimed the RIAA to date... oh, wait....

But if those moral blinders are working for you, hey... who am I to disagree?

How are those moral blinders?! You are costing me time, effort, money and reputation, and yet offer to assume none of the debt or responsibility for your actions. You are putting 100% of the blame on the injured party, and trying to use ignorance ("I didn't know he hadn't given me permission") as a defense. Face it: you know it's wrong, you just don't care. If that's not the very definition of moral bankruptcy, I don't know what is.

The fact of the matter is, an open door is not an invitation into the house... it never has been, and it never will be.

Re:Bandwith is not a car

If I use your bandwidth when you are not, I cant see how that really affects you in any way. And when my ISP cuts off my service because I've used too much bandwidth this month? And when the government subpoenas me because someone on my account was browsing child porn sites? And when the RIAA files suit against me for 'making available' copyrighted material (off of your laptop, of course)? But if those moral blinders are working for you, hey... who am I to disagree?

Thankfully, most pedophiles at least are upstanding members of society, and would never even consider stealing someone elses bandwidth.

Re:Bandwith is not a car

[stewbacca]

Because many ISPs have usage limits, especially the cheaper options. They do? Which century/country are we talking about here?

Hypothetically here....

A neighbor has a tree, and that tree's shade extends into your yard. Is it illegal for you to sit underneath that shade and enjoy it while it's available to you? I think not. How is wifi different?

Consumers Don't Know

[Wamoc]

I used to work in office supplies and we sold networking hardware. All the time people would be shocked that they needed to pay for internet service and not just use a wireless card.

Looks like...

[unrealmp3]

that 12% of access points worldwide are free :D

Re:Nearly half of all respondents...

[webdog314]

The problem with this is that YOU are not Joe Consumer. The average internet user might write to blogs, buy products, check their insurance, email, etc. They might have as many as two dozen or more sites that all require them to have an account. Sure, some people might use throw-away info on a few, but I wouldn't bet the majority do. And do you really think those same people are going to memorize a purposely non-intuitive, unique, alphanumeric password for each site? Not a chance.

And don't paint it just like every other car...

[TamMan2000]

...in the area.

I set my parents house up with secured wifi 3 years ago... Last year my parents got a new laptop, and went about using wifi. 6 months pass. They get a new printer... I tell them that they can print from their laptop, over the network, and try to talk my dad through setting it up... After much confusion, I realize they are not on the wifi network that I set up for them, but one of their neigbhors...

My parents are smart, they just didn't grow up using computers, and don't think about the kind of things that most slashdot users think about... typical boomers... I bet 12% (or more) of laptop users steal wifi, without even knowing it...

Re:And don't paint it just like every other car...

[netsharc]

Well if a survey-taker didn't know he was on his neighbor's WiFi, he wouldn't answer "Yes, I piggy-back on my neighbor's WiFi" on that survey would he?

Re:And don't paint it just like every other car...

[InlawBiker]

I think that's how it should be. My neighbors hop onto my network too, accidentally I'm sure. When signals drop the default behavior is to search for a new open network and jump onto it. I don't see what the big deal is. If I wanted to keep them out I'd set up WEP. Accidental or occasional wifi sharing is just fine by me. Now, a neighbor who's seeding torrents or running a web site is something else.

Re:And don't paint it just like every other car...

[NeverVotedBush]

WEP isn't secure. It's now basically a script-kiddie exercise to tickle the WEP link and in moments you have enough information to break in.

WEP will keep out the non-resourceful and the lazy but that's about it.

Re:And don't paint it just like every other car...

[TamMan2000]

WEP will keep out the non-resourceful and the lazy but that's about it. Isn't that almost everyone?

Re:And don't paint it just like every other car...

[NeverVotedBush]

Yep - it's only half the battle to secure the access point. The other half, which most forget about or don't bother with, is to lock down the laptop or whatever device is using the wireless link. Not all allow locking it to certain access points, but my Mac does. I can tell it to ignore other networks and not connect at all if it can't find my own.

I don't know how hard it would be to spoof my wireless and fool my laptop to connect to a malicious network, but no regular neighbor is going to try to do that.

But my laptop will not try to join any other networks than the ones I have already configured. My access point will not allow other computers on as it is locked by MAC address and computer name to who it allows on as well as using WPA2 with a hard password.

Re:And don't paint it just like every other car...

[Starayo]

Hah, I had something similar happen, when my mum's computer was having troubles with the internet. It would begin load pages and then stop, the speed was drastically slowed, and many other issues I can't recall off the top of my head...

After about an hour of head-scratching from myself and another who has experience in these matters, I logged into the router from her computer and dug around in the settings for about fifteen minutes before I noticed the SSID was different... It was the same model router, so it had the same config page. XD

Re:And don't paint it just like every other car...

[mollymoo]

WEP will keep out the non-resourceful and the lazy but that's about it.

It'll also keep out the honest who have a machine which defaults to connecting to any open network. It's easy to accidentally connect to an open network if you don't know what you're doing, but breaking into a WEP secured network marks you out unambiguously as a criminal.

Re:And don't paint it just like every other car...

[ceoyoyo]

I have a friend who asked me to set up her wireless router. She lives in a big apartment building. So I connect to "Linksys", configure some stuff, turn on encryption, set the password, all good. Disconnect. Connect. What? No encryption? No password? Stupid thing must be broken. Oh well, try again, maybe it will take. Repeat. Four or five times.

Then I took a look down the list of wireless networks in the building. What do you know... I'd just finished encrypting and setting passwords on all the neighbor's wifi. Whoops. ;)

Re:And don't paint it just like every other car...

[Skylinux]

I used to service computers onsite and ran into this ALL the time. The customer usually reported one or more of the following problems:

1) Very slow Internet connection....
2) Sometimes the Internet connection just won't work.....
3) My printer stopped working a few months ago....
4) Somebody printed something on my printer (thanks to the auto discovery crap in XP and a shared printer)

Usually the customer was using one of the many unsecured connections available. After changing the default SSID AND setting them up with WPA encryption it worked fine.
Almost forgot, I always smiled when I entered "their" router with the SSID "Linksys" or "Dlink" only to find out that the router I was about to configure was not really their own router but some neighbor's router with the same default SSID.
Is Vista smart enough to distinguish between routers with the same SSID but different MAC addresses?

Re:And don't paint it just like every other car...

[thegrassyknowl]

After much confusion, I realize they are not on the wifi network that I set up for them, but one of their neigbhors...

I believe Windows will just connect to the first open network it finds unless you've set a preferred network. That's pretty crappy because most users probably don't even know how to select the right wireless network.

This would get easier if router manufacturers started shipping them with random passwords in the user's manual and WPA turned on by default. That would, at least, stop people inadvertently connecting to an unsecured network and wouldn't hinder the technically inept too much;

"Please enter password"

*looks in user guide*

Oh here it is *types*

Any random password is better than none on the grand scale of things.

Re:And don't paint it just like every other car...

[dwater]

Indeed, and that's the purpose. It is something that says, "Don't use this unless you're authorised.", just like any username/password system.

That's the whole point. That's why it's there. If you want/don't mind people using your network, then don't set a username/password.

I don't believe this is an issue. It's plainly stupid to claim that using an open wifi network is stealing because there's no way to know they don't intend it that way.

I leave my wifi network open so that others can use it - is someone who then uses it somehow stealing from me?

How am I suppose to be able to make it known that people are welcome to use it? ...and don't say by naming it something stupid like 'Free' or whatever - why should I be restricted in how I name my network just because some people are ignorant?

Re:And don't paint it just like every other car...

[dwater]

...and it'll also mean that people who *want* to have people using their network can do so without. It'll also mean that people can use open wifi networks without being branded a criminal.

Those are two good reasons for setting up WEP, irrespective of it's security - it's letting people know that they're not supposed to be using it. Having an open network is *not* doing that and in fact does the opposite.

Re:And don't paint it just like every other car...

[dwater]

ok, great.

Now, tell me. What that easier to do than setting up WEP?

I'd guess it's a lot harder to lock your computer to a single network than to set up WEP.

Why, then, is it expected that everyone should lock their computer to networks than require people to set up WEP???

I would hazzard a guess that there are many more laptops with wifi than access points.

Re:And don't paint it just like every other car...

[dwater]

So, you broke the law?

Stupid law.

PASSWORD ADVICE

[gurps_npc]

1. For rude "we want you to register but you have no desire to do so", I suggest using a generic password for all. This counts for anything that does not ask for address/social/phone/name.

2. For things that really need a password, I suggest the following method. Instead of coming up with a single password, come up with a pass word RULE SYSTEM. Example: Last letter of website name (before .com./.org/etc.) plus 2nd to last letter of my username, plus their numbers in the alphabet plust the nonsense phrase C8t_f1re So using that rule, my password for slashdot.com would be tpC8t_f1re. My password for fark would be koC8t_f1re

This way, all you need to do is remember a single rule, and let the web sites remember your username for you. Someone that learns your password (like say the sys-admin for work) will not know it for anything else.

P.S., no that is not my rule.

Redundancy/Backup Access

[Kozar_The_Malignant]

I live in a townhouse community, and I can pick up seven wireless networks besides mine. Of those, two are secured. When my Comcast is out, it's nice to have some backup access through one of my neighbors' DSL or satellite service. I don't abuse it, but I do connect for a quick POP mail check or such. I wouldn't dream of doing anything financial over such a link.

Re:Redundancy/Backup Access

[AlpineR]

I wouldn't dream of doing anything financial over such a link.

Why? Aren't your financial transactions encrypted between your computer and the bank's server?

I suppose a sophisticated neighbor/con artist could set up a router that acts as a superphisher. When you try to connect to Wachovia, it gets a login page from the real Wachovia (to look authentic) but changes it so that your password is actually sent to the interceptor. Then it returns an error message, let's you retry your login, and sends that second attempt to the real site. Thereby your password is stolen for use at the interceptor's leisure, and you think you simply made a typo.

I don't know if that kind of phishing would be harder to avoid than the common kind where the link address doesn't even look real. But if it works then that'd be a great scam to pull at an airport or hotel, running a superphisher posing as a legitimate router.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re-using passwords

[vrmlguy]

Nearly half of all respondents said that they used the same password for all of their online accounts I use the same password for all of the forums that I belong to, which accounts for about 90% of my online accounts. My more private accounts (instant messaging, email, etc) use different passwords, but they're all the same fixed string with the provider's name embedded within it. Yes, someone figuring out that my Gmail password is 'gottaLoveGmail' might then guess that my Yahoo password is 'gottaLoveYahoo', but I'm willing to live with the risk. Finally, I use unique machine-generated passwords for all of my on-line financial accounts. All of those passwords are kept in a PGP-encrypted file; even correctly decrypted, the file looks a lot like line noise, which I figure makes breaking into it that much harder.

Mmmmmm...money!

[Robber+Baron]

Half an hour of my life, gone. And I don't even want to think about the brain damage. Is that money I smell? Mmmmmm...money!

Can we stop calling it unsecured?

[xutopia]

Securing your router means putting an admin password on it. After that your network can be either open or not.

It's all Apple's fault!

Silly iPhone and its promiscuous wifi habits!

Why is it seen as ok?

[jimbob666]

The practice is apparently more common in the U.S., where one in seven have piggybacked on free Wi-Fi networks, than in the U.K.

Even the article writer paints the picture that it is 'ok' to hop onto someone elses network. No Mr. Article Writer - they are not 'free' networks. They belong to someone.

I do think the onus is on people to learn more about securing wireless networking instead of just a plug-and-go approach.

Why don't people understand that it is their responsibility for what happens on their computers and network? That one thing is enough to compell me to lockdown my wireless connections.

Re:Why is it seen as ok?

[tony1343]

I disagree. I think they are free networks. Some people leave them open purposefully so other people can use it. I think that should be the presumption. It's sending you a signal saying, connect to me, right? You shouldn't have to physically find a person and ask if you can connect. That is ridiculous.

Re:Why is it seen as ok?

[jimbob666]

Some people leave them open purposefully so other people can use it

In that case yeah you have a point, *but* whoever opens up their network is opening themselves to a world of problems. Someone connects and downloads illegal pr0n? The network owner is the one in trouble.

Someone connects and infects the host network with a virus? The network owner has a compromised system.

Someone connects and steals some money from the network providers bank account? Try proving due care and attention were taken to secure account details when you have an open network anyone passing can connect to.

Nothing to back me up on this one but doesn't it say in Terms Of Use from ISP's that you cannot share out your connection?

Re:Why is it seen as ok?

[tony1343]

Definitely agree with you that opening up your network might not be something that a cautious person wants to do. There definitely are people who do it though, and I'm pretty sure there are people at slashdot that do so.

I don't think if someone gets on your network and downloads porn you will be held responsible. You didn't do it, so there is no way you are going to jail. Of course, they might think you were the one doing it, but that's an evidentiary problem. As to Terms of Use, that might be true. I'm not sure. However, it would be difficult for an ISP to sue a third party that logged onto the network. The owner of the internet connection agreed to and entered into a contract (the terms of use). The third party did not and so is probably not bound to them.

The world would be a better place without WPA.

The world would be a better place with no wifi security.

Just Imagine. Going anywhere you want and being able to get onto the internet.

And please remember. Encrypting access to one's internet does not make one's internet traffic any safer. SSL please.

Accenture / Andersen Consulting / Authur Andersen

[alohatiger]

So Accenture did a survey and we should trust their results because they used to be part of Andersen Worldwide and (when they were known as Andersen Consulting) they were sister companies with Authur Andersen--the beloved and well-trusted accounting company with a bullet-proof reputation.

Ka-ching !

[slas6654]

1. Leave my wi-fi open to you. 2. Net X-Ray filter for www.tjmaxx.com 3. Get your credit-card numbers. 4. Profit!

Encrypted files

[Choad+Namath]

only a quarter of them have ever encrypted files on their computers.

I fail to see a problem with this. The real question is how many files that you would actually want or need to encrypt are encrypted? I've never encrypted files on my computer, but I also don't have anything that's particularly secret or sensitive on my PC.

Re:Nearly half of all respondents said that they u

"The Chicago Tribune has no CC#s, SS#s or any other real, personally identifiable information about me; I don't even know why they bother."

The same reason magazines practically give away subscriptions for usually less than 25% of retail. To get a high number of subscriptions to increase circulation totals to provide to advertisers.

Bicker today, shake hands tomorrow

[billcopc]

All this "stealing wifi" nonsense will be completely moot when we finally establish free-for-all wireless networking. It might take us a few centuries to get over this petty greed, but eventually the concept of each individual having their own private phone, internet and TV connection will be a funny paragraph in a history book.

Re:Bicker today, shake hands tomorrow

[mlts]

It may head that way.

I see Internet billing heading one of two directions. The first is that it becomes standard just like what billcopc stated, where using a mesh that is open to all comers.

The other is the opposite. I can see Internet access going back to the Dark Ages by ISPs both directly charging their customers and using deep packet inspection, not just charging for the bits over the wire, but which bits go where. For example, if someone is using an ISP approved website, the cost would be free. Using the competition? $1.00 per connection with the ISP using the basic SYN packet as a gauge. Logging into a non-approved (which means the E-mail service didn't pay the ISP for a non "bus lane" tier), the customer gets 28.8k speed, and pays $1.00 to the ISP for a "connection fee" to that service.

For the MMO or online game players, the ISP would just charge a fee to "main a reliable connection", say $1-2 an hour connected to the services.

End result, ISPs would not mind a bit someone having an open wireless connection... it just means the person with it will have a $1000 "long distance Internet" bill.

Yep... the days of Compuserve and AOL all over again.

Re:Bicker today, shake hands tomorrow

[billcopc]

I don't see that 2nd scenario happening at all. If they even tried to pull off that kind of bullshit, it would only take one rebel ISP to trump them all. Heck, we'll build our own grassroots mesh if we need to, the hardware and software already exist and a surprising number of techies have the skills to pull it off.

Re:Bicker today, shake hands tomorrow

[mlts]

It would be good if one rebel ISP to do that, but who gives this ISP peering to the rest of the Internet? The other ISPs who would be making money hand over fist demanding cash from all sides, both from websites for premium tiering, and users would just not connect to the ISP that doesn't play in this ballgame. One monopoly owns the phone lines. One owns cable, 1-2 own the wireless spectrum. Having them cooperate and make a system like this would not be farfetched.

The only way to break this type of system would be IP over power lines, or a low power mesh network. However, a low power mesh requires connections to the rest of the Internet, and can be easily kept from connecting. Similar with IP over power lines. Don't play by the ballgame of charging by the site status, no peering will be permitted.

Re:Bicker today, shake hands tomorrow

[billcopc]

That rebel ISP would gain a lot of support from everyone who's sick and tired of the financial tyranny.

There isn't much fun in being a monopoly if nobody can afford your services. I can tell you for a fact I won't ever stoop down to paying a receiving ISP for the privilege of routing my packets to their clients. I pay my onramp, they pay theirs. That's how it's always been, and there's no good reason to reverse it, just a cornucopia of criminally bad reasons.

Greed has already crippled many nations beyond repair. If it cripples the internet even further, then the only cure will be a full reboot of the entire concept.

Another perspective

Consumers purposely leave wireless unsecured to allow 12% of consumers access.

So how is it stealing if someone is aware that their wireless is unsecured and want to allow guests to access it? Of that 12%, at least 50% of the host networks likely fall into this category.

On the same note, despite repeated calls to the cable company I find that my cable modem goes down quite a bit, but my neighbor's doesn't because they never buried their cable...its an eyesore that runs down the side of my property. So given that I'm paying for the internet service, but its unavailable, and that my neighbor purposely runs an unsecured wireless access point on the same cable network, where is the crime exactly?

That's enough to say "mine"

That is the gate, the walls that surround your property for your wireless network.

Without even that (the encryption equivalent of a bit of string wrapped around fence posts), there's no way to tell the difference between the common highway (deliberately open WiFi) and private property (intended to be private WiFi).

And IRL, if I were to walk along the public highway and along your road, past your house and back to the highway on my way to work or whatever, I am NOT trespassing until you tell me where your road starts and ends and even then, if the shortest way back to public property is to continue on, I get to continue on.

The future of free Wifi: itsatrap

[davidwr]

How many of those "unsecured wireless" connections are run by criminals bent on grabbing your personal info in transit or injecting viruses into your non-ssl web browsing sessions?

I can see it now:

2010, 6 months after the Thou Shalt Not Steal Wifi Act of 2009 went into effect.

Joe Victim complains he's a victim of identity theft.
The police investigate and find he's regularly steals WiFi from his friends and neighbors. One of his neighbors' network got taken over by the Russian mob. He goes to jail for WiFi theft and his neighbor goes to jail for not taking adquate steps to protect his network.

It makes the news.

A month later, throughout the country, people start getting blackmail letters from the Russian Mob saying "We just emptied your bank account. If you go to the police you will go to jail just like Joe Victim a month ago. Have a nice day."

a lot of people don't even know...

[dumbfounder]

when they are 'stealing' wifi access. My former neighbor was very tech savvy and he said that every now and then his laptop would pick my access point to join instead of his. I didn't care, it is my responsibility to secure it if I don't want others on it. But the point is, I am sure that less tech savvy people don't even know a lot of the time when they are using someone else's network. BFD. It's like someone that has a big cannister of oxygen on their property and you get arrested for breathing when you walk by.

The problem with saying folks are stealing Wifi

[hairyfeet]

Is this: The default settings on every consumer Windows laptop I've ever had come into the shop is "grab the strongest signal and hookup", period. If that is your router at the moment, great. If that is your neighbor who has an unsecured Wifi the laptop will happily hook right on up. Do they REALLY expect the average clueless laptop user to have ANY idea whether or not they are hooked up to their own router at any given point in time?

I live in an apartment and depending on what time of day and weather conditions there are at least two neighbors and a coffee shop around the block which will give me a better signal than my own router. And if all I'm doing is checking my webmail I can honestly say I don't bother to check whether or not I'm hooked to my own or someone else's router. If it works I'm happy. I can't imagine someone like my sister even knowing to check, if her laptop is surfing she would consider it "working" and that would be the end of it.

And while I have no problem with them busting guys like the loser that parked in front of McDonald's for 12+ hours leaching Wifi, expecting a non-technical laptop user to understand and check EVERY single time they use their laptop whther the signal they are using is theirs or a neighbors is just crazy. So unless they intend to change the default behavior of EVERY single consumer laptop sold in America this is just a waste of time and another club the government can selectively bash you with if someone doesn't like you. But that is my 02c,YMMV.

Unsecured == Free

[fireheadca]

Working in tech support - I can easily attest to this.

"My wireless internet is not working."
"Ok, have you powercycled your router?"
"Router?"
"You know, the box with the little antennas sticking out of it."
"Oh, I don't have one of those."
"Okay, who do you pay for your internet?"
"Oh.... Oh. Uh.. Okay I found the 'router' and unplugged it and plugged it back in. It's still not working. It used to work but now there's a lock on the connection."
"Heh, what lights are lit on the router?"
"Lights? They're flashing but i can't read them."
"Ah. I know exactly what the problem is then. Call your isp. Thanks for calling."

I don't care that are getting free internet - hell the internet should be free - but lying through your teeth b/c you're too stupid to figure it out yourself?

Re:Accenture / Andersen Consulting / Authur Anders

Yes, it must be said. Accenture sucks... big time. Expensive solutions, without the solutions.

You haven't been paying attention, have you?

[Xenographic]

> Where exactly is this "considered an illegal act"?

There have been several arrests which were reported on Slashdot. Florida and Michigan are at the top of the list, but why don't you do your own damn Googling? I'm sure the UK was in there somewhere, too.

> How the hell do you "consider" something to be illegal? It either is, or isn't.

You get arrested by a cop who is trying to push the boundaries of the law. Sure, they may have difficulty figuring out which law you broke, but you can sit in a nice holding cell while they figure that out.

> How the hell is 12% a "sizeable percentage"?

It's sizable because it's too many to arrest. Then again, 1% of US adults are in prison, so what do I know? If we build border fences to keep people *IN*, can we consider everyone to be under arrest and end the farce?

> Someone's really trying hard to make an article out of nothing.

It's more important than you think if it gives people any pause in supporting laws criminalizing wi-fi access. Even if you believe that it's wrong, there are enough mitigating factors that it would be better to encourage people to secure or responsibly manage their access points. Because otherwise, "unauthorized access" can cover all kinds of crap, including browsing the wrong web page. And that could become a big problem.

But you haven't been paying attention to the news, have you? Because I sure didn't have any trouble remembering the previous stories.

Re:You haven't been paying attention, have you?

[stewbacca]

It's sizable because it's too many to arrest. Who said anything about being arrested? It's illegal for me to do 85 on the highway, but last time I got pulled over they didn't ARREST me for it.

Then there's the whole point that wi-fi leeching isn't automatically, universally accepted as being illegal in the first place.

Re:You haven't been paying attention, have you?

> Who said anything about being arrested? It's illegal for me to do 85 on the highway, but last time I got pulled over they didn't ARREST me for it.

They can in my state: that's "criminal speed" (but they usually don't bother and give you a lecture instead, as I found out when a cop gave me a ticket for going "84 mph", 1 mph shy of that limit, when I'm 99% sure he was letting me off easy).

Anyhow, they DID arrest those linked to above for leeching wi-fi. That's the problem.

Not shocked at all

[actionbastard]

After all one-in-four /. readers surveyed now this already, that's 25%.

WiiConnect and Xbox

[grgyle]

My Wii, DS, and Xbox all have quirky issues with my own secured wireless router (which only works with Windows and Linux after many late nights of driver tweaking). They only work if I leave mine unsecured, which I won't do (since I also "share" my music across my house computers as a "virtual jukebox")

They all connect automatically to my neighbor's (don't know which one) unsecured signal however, so I admit that I leech on them for Mario Kart and CoD4 sessions.

Oh noes!

[osu-neko]

I also walk across lawns when I don't even know who owns them. It could be public land, or it could be someone's private property and I'm stealing time on their grass every time I do it! I'm utterly unrepentant about this, too. Someone should arrest me, and soon, who knows how many lawns I'm going to step on if I'm not stopped.

Re:Oh noes!

[JimboFBX]

Damn kids, need to get off my lawn!

Via the network named 'linksys'-

Sitting by the window at my local Starbucks (where currently, connectivity would cost me $10 a day or whatever T-mobile charges) I can get a powerful 3-bar signal--for free (no wait, 2-bar...now 4).

Conclussion:
'linksys' = "Here, free WiFi. I'll probably never know but complain to my ISP about sluggish downloads"

-AC (joined by 'brad' and 'acer9302')

Dont broadcast your insecurities

Moral blinders are for folks who are too stupid to lock down their wireless. They get what they deserve. But, if you are broadcasting to the world that you are there and insecure, it's like handing your car keys to a transient and saying "just drive" (ie. seinfeld show).

These insecure wireless users are ASKING others to use their service!

timely article

[song-of-the-pogo]

I'm at the doctor's, awaiting my appointment. we all know how long that takes. so, to amuse myself while waiting, I get out my mobile device to see whether there's any free wifi floating about so that I can read /.. lo, there is, the signal is strong and the WAP's SSID is the doc's name. it's totally open, so I "naturally assume" it's being provided to me as a convenience, kind of like the three-month old US Weekly's in the waiting room (I didn't ask, though). imagine my amusement at finding this article on the front page.

Re:Accenture / Andersen Consulting / Authur Anders

[Mr.Dippy]

Exactly. Who paid for this study? It wouldn't surprise me if the U.S. Government wanted to know the stats and gave the contract to Accenture. 20 million dollars over budget and 2 years after the deadline this is what they produced

Depends on the manufacturer

[LionMage]

I believe this behavior is off by default. The last XP laptop I used required me to agree to connect to an unsecured hotspot, let alone a peer-to-peer one.

Actually, it depends on the manufacturer of your device. I bought an Acer laptop that automatically connected to a neighbor's unsecured WiFi access point without asking, even though I had my own access point which had a stronger signal -- thing is, my access point was secured with a password and WEP encryption, but my neighbor's access point was running wide open. The Acer laptop was running Vista, but had quite a few custom applications supplied by Acer, including their own custom WiFi management tools.

When I returned the Acer (due to keyboard problems) and tried an HP laptop which also ran Vista, I believe the HP required user action before connecting to anyone's access point for the first time.

So, the GP was at least partially correct -- some Windows laptops will automatically connect to any wide-open access point without asking.

Comparing against OS X laptops: My old iBook running OS X 10.2 would connect to any access point indiscriminately until I changed this behavior. (That was the source of a huge headache, as one of the access points I connected to was set up illicitly by a Honeywell employee... and Honeywell eventually tried to go after me for writing a blog entry about their security lapse, although I didn't know it was a security lapse at the time.) My new laptop, a MacBook Pro running 10.5, will ask the first time it can't find any preferred networks but finds a wide-open access point that isn't in the preferred network list. If you say yes, the wireless networking stack will automatically connect to that access point forever after whenever it sees it (unless there's a preferred network connection with a higher priority that's visible).

Re:Depends on the manufacturer

[Skater]

The laptops in question were Dells. I assume it was default since both laptops were doing it and neither person is very tech-savvy. One didn't even understand the concept of a USB thumb drive, for example, so I'm having trouble believing they both set their laptops up to automatically connect to peer-to-peer networks.

(Do people actually use the peer-to-peer mode anyway? In over four years of playing with Wifi, this weekend was the first time I saw a peer-to-peer network, and it wasn't even set up intentionally.)

Don't need an analogy

[macemoneta]

In my area, everywhere you go there are signs that say "free WiFi". The library, hotels, coffee shops, hospitals, the lobbies of many businesses, some retail stores, etc.

With so much free WiFi, how is the average individual supposed to distinguish an unintentionally open access point from an intentionally open access point? There's rarely any difference in the SSID; many free WiFi seem to leave the default manufacturer identifier.

When people are commonly giving something away, the only way to let them know that you are not giving the same thing away is to lock it up. It's simple and it's common sense. We don't need special laws.

Perhaps the solution for those that can't be bothered to read the instructions is an actual key? Put a real key lock switch on the access point with a small display for a randomly generated software key. Turn the lock and now your access point is secure; to use it you need physical access to read the software key on the display. Turn the key the other way, and the display indicates "free public access". Then we really can blame the person with the access point for allowing access they didn't intend.

Bye bye bike

[AlpineR]

If you left your bike without locking it it would be advertising its presence by bouncing photons and those photons would encode the fact that it is unsecured.

To continue the analogy, the wireless thief makes a sign that says "Ride yourself to the bike shop, sell yourself, and send me the check." Photons from the Sun bounce off the sign, encode the message, and transmit it to the bike. If the bike then follows the instructions, is that also stealing?

Re:Bye bye bike

[mollymoo]

There is such a thing as taking an analogy too far you know. There is no accurate continuation of that analogy, it has served it purpose, but the miscreant climbing on the bike, riding it to the shop and selling it would be closer to the truth.

Isn't sharing neighborly?

[KAFinVan]

Anyone else think this isn't such a bad thing? I'm not using all the bandwidth, so what if my neighbors can access it? I share mine (and lock down my computers) because I'm thrilled when I'm able to leech off other people's when I'm away from home. Of all the nasty things my neighbors could do, hacking my wifi is not one that keeps me up at night. It's a karma thing.

We should outlaw SSID broadcasts

[DamnStupidElf]

If there's going to be a law against me sending packets to an access point, there better be a law against them sending me a beacon in the first place.

Should I just ignore the beacons? Then why can't the access points just ignore the packets I send them?

The law can't have it both ways and remain consistent. Either owners of access points need to secure them to ignore unwanted traffic, or they need to stop sending beacons so they don't cause unwanted traffic on every listening NIC within range.

Only 12%?!?!?! Should be more like 30+%...

Heh, a lot of people I encounter will buy new laptops and just "expect" the Internet to automatically work on theirs. Most of the time it does... when they move their laptop to the right part of their house. These people have no ISP, nor are they even aware that they should have one.

Seriously, this is very common these days, especially for newer people that are just getting connected.

Reality Check is due

[Orig_Club_Soda]

With smart phones and mini computers becoming popular, borrowing wi-fi is going to become more and more common. I know a guy with an iPhone who connects where ever he can. I don't have a problem with this. He's not downloading gigabytes of data and he moves from one signal to the other frequently.

I think 100% illegal is the wrong way to go. Your neighbor downloading movies on your signal is bad. A guy passing by on the sidewalk checking email is harmless. And each case should be appraised.

At sometime in the future, for a metropolitan area to be considered modern, it will have to have some degree of free wi-fi. Until then, we have Fon http://en.wikipedia.org/wiki/FON

defaults

[eegad]

If this practice is so frowned upon, why are routers still being shipped with a default unsecured configurations with the same stupid network id, and why do my wireless devices constantly ask me about (or just proceed with) connecting to unsecured networks? NMP, biznitches.

Zonk's guess

Zonk's guess is higher than the actual study done. Hmmm, which could be more accurate?

It SHOULD be no crime at all for some configs.

[Ungrounded+Lightning]

Accessing a wireless network you're not authorized to be on is considered a felony terrorist act, punishable by 30 years in prison. (Even though it should be just a misdemeanor B&E at best if you do no damage.)

IMHO it should not be a crime at all for some configurations.

The computer-using community (pre-wireless) had a long history of using software as agents and protection settings as an expression of intent. (For instance: If a file was read-everybody, it was generally assumed it was OK to read it without asking. If it was read-protected it might be trivial for a super user to read it - but he'd generally ask permission first. Guest accounts with no password or password "guest" were assumed to be OK to use (providing you didn't hog the resources). And so on.)

Wireless routers have mechanisms to clearly express intent in this manner: They advertise their presence if that is enabled. DHCP explicitly hands out credentials when asked, again if it is enabled. WEP encryption is like the latch on a screen door: trivial to crack - but perfectly suitable for telling anybody trying to connect that they're supposed to ask a human for permission first.

The problem is that router manufacturers have been shipping routers configured so the screen door is unlatched and the welcome mat out - with no mention that there's an invisible screen door and welcome mat. So the legal system is (perhaps reasonably) ignoring the old convention and demanding explicit permission. Unfortunately it's also treating anybody who follows the old conventions as a masked and armed burglar, rather than putting any onus on the "property owner" to put up a fence, no trespassing sign, latch his screen door, or otherwise express that his intent is different from that advertised (at the top of its virtual lungs) by his WiFi access point.

You aren't being consistent though

But you aren't being consistent. You can't say that I'm responsible for what my laptop does but that the router owner isn't responsible for what his router does. Either we are both responsible for what our respective machines do, or neither is. Either way, the person who connects to an open wireless system (that does not have the equivalent of a 'no trespassing' sign) is right.

People compare this to a house, though a building is better. Even better still (I think) is an open field. If you don't have a fence, sign, or other indicator that you can't trespass, then people can walk across it all day. Sure, you can tell them to get off your property, but then you have to give them a reasonable opportunity to leave. Until that point, they have not committed any crime.

An open wireless router is an open field without a fence or sign.

Re:You aren't being consistent though

But you aren't being consistent. You can't say that I'm responsible for what my laptop does but that the router owner isn't responsible for what his router does. Ideally, yes all router owners should be responsible. But the comparison is not as simple as you try to make it out to be. Many routers come with a default configuration to be unsecured. No computer defaults to connecting to unknown routers unless its first told to, period. Non-techie Joe may not know that his network is unsecured, but someone definitely knows when they log into his network. Assuming Joe doesn't care about you using his network is one thing (and not a great assumption I don't think), but you are talking about something completely different. You're saying that you have the right to use his connection because he didn't take the time and/or didn't know how to secure it. That's opportunistic, selfish, and antisocial.

I won't remark much about your open field analogy, except to say that your statement "If you don't have a fence, sign, or other indicator that you can't trespass, then people can walk across it all day." is actually very wrong, at least in the USA. I'm under no obligation to warn you at all that you can't come on my property. That may seem a bit strange, especially if my property is a big empty field, but it's still the law and I could get you trouble if you tresspassed on it (probably not much trouble, considering the circumstances, mind you).

Re:You aren't being consistent though

Sorry, you're wrong. As you say, you aren't under any obligation to warn me, but if you don't (and I don't know some other way that it's prohibited) then I've done nothing wrong (criminally or civilly) by crossing the property. You have not waived your rights - you can tell me to get off and never come back, but then you must give me a reasonable opportunity to leave your property. (You can't tell me to get off, and immediately claim I'm trespassing. I have to have a chance to leave.) This is very settled law in the US.

You can see a plain English discussion at http://www.enotes.com/everyday-law-encyclopedia/trespassing.

"the trespasser must not simply unwittingly traverse another's land but must knowingly go onto the property without permission. Knowledge may be inferred when the owner tells the trespasser not to go on the land, when the land is fenced, or when a "no trespassing" sign in posted. A trespasser would probably not be prosecuted if the land was open, the trespasser's conduct did not substantially interfere with the owner's use of the property, and the trespasser left immediately on request."

the other 88%...

[Cyko_01]

...were to smart enough not to admit it

Car analogies never work

[StarKruzr]

If someone uses your car when you're not using it, you're being deprived of something: gas, mileage on your odometer, wear and tear on your car.

If someone uses your wifi when you're not using it, you're being deprived of nothing at all.

routers

[StarKruzr]

You're ALWAYS better off going with your own router.

Just get a nice draft-N router and use that.

Smart? Well....

"My parents are smart"

Compared to their kids? Maybe...

New study by Accenture !

[malanoche]

says that they are so full of sh$t, they publish studies stating the obvious. I think they never bothered to make the phonecalls... 12% sounds more or less accurate.

iPhone Users...

[tacocat]

iPhone users are absolute whores about borrowing unsecured Wi-Fi. It's the only way to 'Fi'!!!!

I think there are a lot of people who set up unsecure Wi-Fi by design so that people can use it -- most of the WiFi scam come with an identifiable network name, like a restaurant or coffee shop.

Good. Maybe they'll go away

"This condescending attitude of techies toward the "lusers" is a big part of the reason why people are still afraid of their computers."

Good, maybe they'll get rid of their computers and stick exclusively to watching "American Idol" and let everybody else the hell alone.

The internet used to be pretty good, until they let AOL connect to it.

Re:Nearly half of all respondents said that they u

[The+One+and+Only]

And I don't send encrypted data; if it's sensitive information I'll send it snail mail.

I certainly hope you send it by encrypted snail mail. Paper envelopes are not a particularly secure channel.

I share, why don't you?

I purposely share my internet with others, somewhat in gratitude to many unnamed strangers that have allowed me to check email or look at a map online far from home... My wired network is behind another router anyways, and anything I care about is done over SSH (or GPG).

If I notice abuse, I'll close it (hasn't happened yet), but the world would be a much better place if everyone just shared.

Really simple solution

[Metorical]

There is a really simple solution to this. Force all wireless router manufacturers to set a default password.

Although it would be trivial to use this default password it would make clear the fact that you are logging on to a secured connection that's not open for anyone to use.

If someone wants to open their wifi up for free use then they can remove the password. If they want it to be secure they can set the password to something else.

Re:Nearly half of all respondents said that they u

[sm62704]

Paper envelopes are not a particularly secure channel.

It's not the paper that makes them secure, it's the strong laws against tampering with them.

Re:Nearly half of all respondents said that they u

[The+One+and+Only]

People who follow laws, and people who are bound by laws, are not the people you should be worried about securing data from.

Re:Nearly half of all respondents said that they u

[sm62704]

I have a buddy who works for the post office. You can believe that your mail is safe.

Re:Nearly half of all respondents said that they u

[The+One+and+Only]

Not from him.

Enough with the analogies already!

[stryc9]

Enough with the analogies already! Why does this discussion always go this way? It's not 'like' anything. It is 'like' accessing an open wireless AP, and nothing else.

Re:Nearly half of all respondents said that they u

[sm62704]

I know Mike, you don't. Your mail is safe from Mike, and if it wasn't safe from his co-workers he'd tell me.

Re:Nearly half of all respondents said that they u

[The+One+and+Only]

It's still probably easier to rob a mail truck than break RSA. And I'm sure somewhere in the vast world of the postal service there are some people who can be bribed.