German User Fined For Having an Open Wi-Fi

Kilrah_il writes "A German citizen was sued for copyright infringement because copyrighted material was downloaded through his network while he was on vacation. Although the court did not find him guilty of copyright infringement, he was fined for not having password-protected his network: 'Private users are obligated to check whether their wireless connection is adequately secured to the danger of unauthorized third parties abusing it to commit copyright violation,' the court said."

I see.

[Pojut]

So does this mean if I accidentally leave our apartment unlocked one morning, someone breaks in, steals one of our daggers or guns, and commits a crime...that we could be charged for aiding a criminal?

Re:I see.

[Itninja]

If the court thinks you did it on purpose, then yes it does. If it was truly accidental then i think you could still get sued in civil court for negligence. There have been many cases of people not their securing firearms being successfully sued when someone dies as a result.

Re:I see.

[conares]

Only if they make copies of your CD's and/or DVD's

Re:I see.

[jdunn14]

Though I agree with the sentiment, at least your gun doesn't broadcast it's presence in the house to the potential criminal. That is a significant difference between the two scenarios.

Re:I see.

[GameMaster]

Not sure about the dagger, and IANAL, but I'm pretty sure that in most places in the US you could be, successfully, sued for not properly securing your firearms. It strikes me that leaving an apartment//home unlocked when you know you have a gun in it could be construed as reckless behavior. Owning a gun is a right, but you have an obligation to practice that right in a responsible manner.

Re:I see.

[OrangeTide]

I would not be surprised if this has not already happened. It sounds suspiciously like many of the bizarre cases from California.

Re:I see.

If you did not adequately secure your weapons and someone used those weapons to commit a crime, you think you should not hold any liability simply because you weren't the one to commit the crime? I know in many places (ie: Texas) you are REQUIRED BY LAW to keep your firearms locked up.

Re:I see.

[jedidiah]

...except this situation is more like leaving your guns on the porch with a big sign saying "free guns".

The key thing here is that I don't have to go anywhere to see my neighbor's
poorly set up wireless network. I can see it from the comfort of my own
living room and it might even interfere with any network I might want to
set up.

This isn't just about "something in your own house". You broadcast it to everyone.

It's more like a magical gun safe that puts an unlocked door in every living room on your block.

If you left a gun lying around contrary to well established gun ettiquite and common sense, you would probably be held accountable for the results.

That's true of being stupid in general.

Re:I see.

[EricX2]

What if you have an NRA (or similar) sign on your house?

From what I've seen on Law and Order, you may get in trouble if a gun is stolen and used in a crime unless you file a report. Just don't wait to file a report!

Re:I see.

There is a significant difference between ITS and IT'S.

Re:I see.

[Aphoxema]

Though I agree with the sentiment, at least your gun doesn't broadcast it's presence in the house to the potential criminal. That is a significant difference between the two scenarios.

Are you sure his did? It's still perfectly possible to track down a router not broadcasting.

Re:I see.

So does this mean if I accidentally leave our apartment unlocked one morning, someone breaks in, steals one of our daggers or guns, and commits a crime...that we could be charged for aiding a criminal?

If your apartment happens to be a weapons shop and you leave the door unlocked for a week, so someone driving could easily grab daggers or guns and use it to commit a crime.... then yes.

Re:I see.

[mysidia]

Well, WiFi is not designed to be used for copyright infringement, even if open, and such things are commonplace/readily available.

It's more like someone walked in through an unlocked door in your house, stole a fork from your silverware drawer, and stabbed someone to death with it.

And now you the homeowner are being charged with the murder, because you leaving your door unlocked allowed the fork to be used.

Re:I see.

[OrangeTide]

I love my double negatives.

Re:I see.

[jgagnon]

This is, after all, the one thing that threatens humanity most. Copyright violation is the 8th deadly sin. ;)

Re:I see.

[Tom]

As a matter of fact, in most countries (and US states, I believe) you are required to adequately secure your guns. So if it's just lying around on the table in your unlocked home, you may well be liable. If the thieves have to break open your gun locker, you're not.

And that's pretty much what the court said. Turn on encryption and change the default password and you're fine.

Re:I see.

[jgagnon]

Your shure about this? :p

Re:I see.

So does this mean if I accidentally leave our apartment unlocked one morning, someone breaks in, steals one of our daggers or guns, and commits a crime...that we could be charged for aiding a criminal?

Actually, yes. At least in Canada, anyways. If you own a firearm in Canada, there are so many regulations surrounding proper storage and securing of that firearm that while you may not be charged with accessory with murder, you would find yourself in plenty of other hot water.

Re:I see.

[Mordok-DestroyerOfWo]

But at what point do we draw the line? I love reading and posting on /. and my current job is IT, but my Master's is in Anthropology. If a hairy-knuckled liberal arts person like myself can crack WEP in a matter of minutes are we going to require that people use WPA? And once that becomes easier to crack are we going to require the use of the next iteration? Heck there are times when I leave my truck unlocked, I sure hope that if somebody hot-wired it and took it on a 4 state killing spree I wouldn't be held even partially culpable.

Re:I see.

[nschubach]

Couldn't the same be said for all your rights? ;)

Re:I see.

[squiggleslash]

It's safe to say he didn't. If he had configured his router to not broadcast the SSID, then he would, legally (in most jurisdictions, I assume Germany is no different), have taken proactive steps to secure his network (even if they were token efforts) and we wouldn't have a story.

Virtually every security device can be circumvented, and as a result the question usually comes down to "Did you make an effort or not?" For much the same reason, DVD's CSS system was still considered an access control mechanism whose circumvention was illegal long after it was cracked and details posted throughout the Internet. (I say was not to make people relax and think it isn't now, but because the DVD CCA has pretty much given up on enforcing it.)

Re:I see.

[Pojut]

It strikes me that leaving an apartment//home unlocked when you know you have a gun in it could be construed as reckless behavior. Owning a gun is a right, but you have an obligation to practice that right in a responsible manner.

Agreed. We have a gun safe for most of our firearms, as well as one of those mini-safes with the four-button combination lock under our bed.

My fiancee jokes that we don't need that one for home protection, as the the combination of what she looks like after being woken up and my breath upon waking, we already have deadly weapons :p

Re:I see.

[LWATCDR]

Actually in some countries failure to secure your guns is a crime.

Re:I see.

[Shakrai]

There have been many cases of people not their securing firearms being successfully sued when someone dies as a result.

Yes, if you don't secure a firearm and one of your kids uses it to blow his friend's brains out then you are liable. But the GP talked about someone breaking in -- why should you be liable in that instance? It's your fault that a someone decided to break the law and steal your property?

I wish that everyone was held to the same standards as gun owners. As a random example, we just had a guy in our town charged with reckless endangerment (a misdemeanor) for putting a bullet through his neighbors apartment while cleaning his pistol. Just property damage, thankfully nobody got hurt, yet he was criminally charged. Contrast that with automobiles. Automobiles can and do kill -- but when was the last time you saw someone receive a criminal charge for an automobile accident that resulted in property damage and no personal injury?

Maybe we should hold drivers to the same standard as gun owners? I bet the roadways would be a lot safer....

Re:I see.

[idontgno]

Well, "not broadcasting" as in "not broadcasting its SSID", sure. "Not broadcasting" as in "Not emitting any RF signals in the 2.4, 3.6 or 5 GHz frequency bands", not so much, since that means the router is switched off.

So a non-SSID-broadcasting router is a gun shouting "I'm a gun!". An SSID-broadcasting router is a gun shouting "I'm a gun, and my serial number is...."

I'm still getting the sense we're not really addressing all aspects of this issue. Maybe if we reformulated this into a pizza analogy...

Re:I see.

[sdpuppy]

I think it's more akin to leaving your car running with the doors open while middle school is letting out.

I'm not saying that this analog makes it wrong or right - this is SlashDot where car analogies are a requirement.

Re:I see.

If you put speakers to your windows blaring "The door's open, come on in!" Then yes.

Re:I see.

[joebok]

I think it more appropriate to ask - if you leave your door unlocked and somebody walks in and rips your CDs and DVDs, are you - as the homeowner - negligent or in any way culpable?

Re:I see.

[xZgf6xHx2uhoAj9D]

It's your fault that a someone decided to break the law and steal your property?

If you haven't taken adequate steps to secure it, yes. If you leave broken glass all over your property and don't put up any warning signs, someone can trespass or break in and successfully sue you for damages. Not in criminal law, but in common law you typically have an obligation even with your own private property.

In reality you're probably not likely to get sued for having someone break in and steal your gun and commit a crime. If you had a gun in a display case publicly visible from the street and made it very obvious you had no security (door was wide open?) maybe you could be, I don't know. This German law seems to be specific to Wi-Fi, but it's not out of line with other laws and precedents.

Re:I see.

[gzipped_tar]

Comparing copyright infringement to murder is sickening. This is the pattern in which Big Media wants us to think.

Re:I see.

[ivan_w]

Virtually every security device can be circumvented

Citation needed...

Re:I see.

[nurb432]

I disagree, if your house/apartment door is closed, there was no 'invitation' thus they broke the law, not you. If you have leave it wide open with a sign ' free beer party', and you don't take steps to at least close your bedroom door, then ya, you are negligent.

However that said, you can be sued in civil court for anything, by anyone.. doesn't mean its valid or you will lose but they can.

Re:I see.

Actually, yes. Not sure about other countries, but in Canada, if you lose your gun or someone manages to steal it and use it to commit a crime - you will be charged for it. It is your responsibility to protect those of your possessions that could potentially cause serious damage to others.

Though to be perfectly honest, the gun safety regulations make a lot more sense to me than wifi security regulations. In my opinion having a crook use a firearm to intimidate and/or injure an innocent person is much worse than having a crook download an illegal copy of Avatar.

Re:I see.

[sunderland56]

No, the homeowner is being charged with leaving the door unlocked, not murder. And, since he did leave the door unlocked, that is entirely fair.

Re:I see.

[zill]

So if I just turn off SSID broadcast it'll be ok?

Re:I see.

[somersault]

Not really, it's simple use of "reductio ad absurdum" type logic to make a point.

Re:I see.

[electrofelix]

A better comparison would be if was made illegal to leave forks unsecured, and someone came in through your unlocked front door and picked out a fork from an unlocked drawer and killed someone with it. You are charged with failing to adequately securing your forks and fined accordingly. However you are not charged with murder unless the prosecution can show you did this deliberately.

Note the fact that it's illegal in Germany to have an unsecured wireless network, which is what this person was fined for. He was not found guilty of any crimes committed using his wireless network.

Of course whether it's really fair to make having unsecured wireless networks illegal is something that seems to have been glossed over entirely. Perhaps they should make it illegal to see wireless hardware that can run in unsecured modes and just make the companies selling them liable rather than asking Joe soap to work out how to manage it.

Re:I see.

[Shakrai]

As a matter of fact, in most countries (and US states, I believe) you are required to adequately secure your guns.

I live in one of the most anti-gun states in the union and there's no laws pertaining to gun storage on the books here. You could be charged with other crimes if you do something stupid (i.e: reckless endangerment if leave a gun lying around when you have kids in the house) but it's not a crime in of itself to leave a gun lying out in the open.

Such laws are one-size-fits-all solutions anyway. What's "adequately" secure? If you have kids or a mentally ill housemate then the guns need to be under your direct control (i.e: a holstered pistol) or under lock and key. If you live alone then the simple act of locking your door and not leaving them in plain view from the outside would be enough to secure them in my mind.

I sleep with a loaded pistol on my nightstand because I live in a second floor apartment with no means of escape. Such behavior would be unthinkable if I had kids but is perfectly acceptable for an adult living by himself.

Re:I see.

You should be, at the very least for negligence.

Re:I see.

[Itninja]

There was never a criminal charge for the WiFi thing. From TFA:

The ruling came after a musician, who the court did not identify, sued an Internet user whose wireless connection was used to illegally download a song which was subsequently offered on an online file sharing network.

and...

...but when was the last time you saw someone receive a criminal charge for an automobile accident that resulted in property damage and no personal injury?

Happens all the time. If it's deemed reckless is not an infraction, it is a crime. If some flies thru a parking lot at 40Mph and takes out a dozen cars (but no one is hurt), they will be arrested and charge with a crime.

Re:I see.

[modecx]

Actually, most US states have very little to say about gun storage, mostly because proposed laws have been successfully recognized and opposed for what they are: incremental steps to paramount to prohibition.

Re:I see.

[commodore64_love]

Murder? Wow. Way off.

This is more akin to having a car that everybody in the neighborhood shares. Therefore it's always open. Some creep takes the car, gets charged with speeding, and the owner gets jailtime for negligence. This law is basically discouraging charity & sharing. It's stupid and typical of a judge who should not be a judge.

Re:I see.

[Low+Ranked+Craig]

And, since he did leave the door unlocked, that is entirely fair.

We must have skipped over the part where it became reasonable for a government to tell you that you must lock your door.

Re:I see.

[AnAdventurer]

In some states there are laws that if you leave a firearm unlocked, someone steals it and uses it, you can be charge with a crime.

Re:I see.

[quatin]

I've seen cases where this was brought up. It is entirely idiotic. If you are going to hold people liable for not locking their homes, cars, underwear drawer and guns, then make it a law. Explicitly state the penalty of not "securing" your own personal property.

Re:I see.

[Dorkmaster+Flek]

Precisely. This is exactly like making it illegal to leave your door unlocked. Whether that's a good idea or not is up for debate.

Re:I see.

[mysidia]

The problem is there is no law that says you shall not ever leave your door unlocked, if you have a house, and no law that you shall not provide free internet access to the public.

In past decades it was commonplace, and rare for anyone to actually lock their doors anyways. In many areas, homes are still rarely locked, except when nobody is actually at home.

So it's entirely unfair to make up new laws on the spot and charge people with having broken a made-up rule that is not on the books.

Re:I see.

[commodore64_love]

Way to not read the guy's WHOLE message. His point was even about that. His point was that Cars are more dangerous than guns, and yet we let car drivers operate their equipment with minimal oversight.

Re:I see.

So does this mean if I accidentally leave our apartment unlocked one morning, someone breaks in, steals one of our daggers or guns, and commits a crime...that we could be charged for aiding a criminal?

Hi,
I wish you all good day, this site is really nice I would always follow this site. Help me a lot of time
data would be obtained from this site, or hope to. But I want you to know that this site is really good Thanks a lot for the kind of perfect topic about this topic. It’s good to buy an essay about this good topic. Nice article, very helpful sohbet. Thanks

Re:I see.

[kirillian]

Pretty much...Copyright violations have replaced all other deadly sins...

Re:I see.

[commodore64_love]

I'd like to aim my gun at the RIAA's CEO's head. I think that would solve a multitude of issues... the replacement CEO would be so scared he'd stop trying to sue everyone... effectively impotent.

(Of course first I'd have to go buy a gun.)

Re:I see.

[rfuilrez]

A few years ago I crashed into a light pole. I was charged with Wreck-less Driving and Damage to City Property. But I guess my county is a bit of a hardass when it comes to charging traffic bullshit. We're located right next door to Cook county (Chicagos county). They gotta prosecute something...

Re:I see.

[Arancaytar]

If you store weapons and don't adequately secure them, you'd certainly be in trouble.

On the other hand, if you left your cellphone lying around and it gets used to commit fraud, then you shouldn't be responsible for that. This is more like that, I think.

Re:I see.

[squiggleslash]

OK. Let me give you an example.

The guy decides to really secure his network. He disables broadcasting the SSID, and implements WPA2 encryption. This, however, provides access only to a small non-Internet connected mini-network with no DHCP and one machine, identified by IP address only, which only responds (ie no pinging) to a specific IP address using the ports needed for an IPsec VPN. The VPN, in turn, uses 1024 bit blowfish encryption and requires a SecureID password to initiate the connection. The VPN provides access to the outside world, but requires you already know the IP addresses of the DNS server and default router, none of which are in an easily guessable netblock.

The system is also set up so any unauthorized activity results in the outside connection being dropped (ie any attempts to guess the passwords result in the wireless router shutting itself down. And, just to add that extra special extra layer of security, the owner switches off the entire system when he leaves to go on vacation.

So an elite hacker comes along and has access to the network within thirty seconds. How does he do it? How does he circumvent all these security measures?

Answer: he throws a brick through the window, enters the house, and HOOKS HIS LAPTOP UP TO THE DSL MODEM.

Virtually every security device can be circumvented.

Re:I see.

[somersault]

Since when was leaving your door unlocked illegal?

Re:I see.

[Itninja]

There are laws in several state requiring firearms to be secured at all times. In my state it's illegal to leave my own car running, in my own driveway, unattended (even if it's locked). And if ones home contains particularly dangerous things (like an amateur silversmith who keeps cyanide int he house), then it's also illegal to leave your home unlocked.

Re:I see.

[DrgnDancer]

Um... Every book ever written on security? Name a security instrument. I'll show you how to circumvent it. It may not be easy, it may not be practical, it may not even be more than theoretical, but there's probably a way. The question is merely a matter of whether the data you're protecting is worth the effort required to get through your security. For instance there's a trivial way to break full disk encryption, but most people won't use it due to it's violating a number of very serious laws. (Your porn collection may be excellent, but it isn't worth 25 to life)

Re:I see.

[Runaway1956]

I have no idea where to look for a key for my house. If I suddenly decided that the doors need to be locked, I would have to go to the hardware store, and buy some locks. There is almost always SOMEONE home, and no one even thinks of locking the doors when anyone leaves.

I guess that if someone wanted in, they could GET IN, lock or no lock. Which is worse - to find all our stuff gone, or to find all of our stuff gone, AND broken windows on a dark and stormy night?

Re:I see.

[Shakrai]

If some flies thru a parking lot at 40Mph and takes out a dozen cars (but no one is hurt), they will be arrested and charge with a crime.

A few years ago our neighbors teenager pulled into our shared driveway like a bat out of hell and plowed into our garage, knocking half of it down. If anybody had been in that garage they would likely have sustained serious injuries. He wasn't charged with any crime.

If I make a mistake handling one of my firearms and put a bullet through that same garage I'm looking at a reckless endangerment charge. Doesn't that seem like a bit of a double standard to you?

Re:I see.

[tehcyder]

I wish that everyone was held to the same standards as gun owners. As a random example, we just had a guy in our town charged with reckless endangerment (a misdemeanor) for putting a bullet through his neighbors apartment while cleaning his pistol. Just property damage, thankfully nobody got hurt, yet he was criminally charged.

And what sentence did he get for this heinous crime? Twenty years in jail? A $100 fine?

Re:I see.

[Itninja]

He wasn't charged with any crime.

Did you call the cops? And if you did, the police have the power to decide at the scene if the person should be arrested. If they feel it was reckless, an arrest (and criminal charge) will be made. If they feel it was just an inexperienced driver acting immaturely they will usually let it go (unless the property owner insists on pressing charges).

Re:I see.

[Duradin]

Guns are scary, especially those evil 'semi-auto' ones.

Cars aren't guns so they aren't scary and cars totally aren't multi-ton murder machines.

Re:I see.

[enderjsv]

They tell us we have to wear seatbelts. What's so absurd about telling an individual who owns dangerous weapons that they have to keep them locked and secured? Would you be comfortable with a person storing their guns on their front porch?

Re:I see.

Citation needed...

You really don't belong here if you need a reference for that statement.

Re:I see.

[b4k3d+b34nz]

This is the best post on /. I've read in years. Do you offer security consulting services?

Re:I see.

[ProppaT]

This is more akin to suing the phone company if someone calls in a bomb threat on a pay phone. It's public use. It's not the phone company's fault that someone abused a privilege.

but back to the door locked analogy, until there's a law stating I must lock my door (in this case, secure my wifi) I'm going to leave it open. I don't mind people tapping in to check their e-mail. I mainly leave it open because I've got at least 6-7 devices that run off of wifi around my house and, no matter what router I buy or security settings I set, at least one of them hiccups unless it's an open connection...but I don't mind people tapping in every now and then, on accident or on purpose. Not to mention I don't feel like having guests/friends/family add new connection settings when they're over just to check their e-mail/web browse on their cell phone/laptop.

If someone's going to do something illegal, if my wifi is secured they're just going to go to one of the hundred other houses/restaurants/cafes/etc in the immediate area with open wifi and do it there.

Re:I see.

[TheNumberless]

If a hairy-knuckled liberal arts person like myself can crack WEP in a matter of minutes are we going to require that people use WPA?

It's incredibly easy to connect to an unsecured wireless network. It's even easy to do it accidentally with many devices and configurations. There's no way I'm aware of to accidentally crack even the poorest wireless security, it requires actual malicious effort, small though it may be. I believe that, in this case, it's reasonable to draw the line at "anything more than nothing."

Heck there are times when I leave my truck unlocked, I sure hope that if somebody hot-wired it and took it on a 4 state killing spree I wouldn't be held even partially culpable.

The analogy doesn't work. First of all, the act of hot-wiring itself requires malicious intent, and a circumvention of reasonable security. Even if you left your keys in the ignition, the only aspect of the crime you could be said to be responsible for would be the theft itself, and since you're the victim in that case, who cares? At worst, your insurance wouldn't pay out due to negligence.

Regardless, reasonable people who don't want their cars stolen secure their vehicle, at least by not leaving the keys in it. And reasonable people (especially who live in an area where it's illegal to run an unsecured wireless network) secure their wireless network. If for no better reason than to avoid dealing with bullshit RIAA copyright claims that have nothing to do with them.

Re:I see.

[PitaBred]

It's more like leaving your light on so the murderer in the street could see well enough to kill, and you getting charged with aiding and abetting. I leave my porch light on so people can see their way up to the door easier, and it makes up for the street light not shining on the sidewalk in front of our house. In the same vein, I like leaving my wifi open... I have rate limiting for the non-secure AP, but it's nice to let friends and family and even neighbors use the Internet without having to give them my password. I mean, I'm not using all my bandwidth all the time... no reason to not share.

Good thing I don't live in Germany. They don't like people being neighborly.

Re:I see.

[GungaDan]

So if I go to Starbucks and use their wifi to download a movie, Starbucks should be charged?

That's a really odd position to take.

Re:I see.

[Sockatume]

"Unsecured wi-fi is to the media industry as the unlocked gun case is to the tottler."

Re:I see.

[PitaBred]

Free guns? The Internet is good for a hell of a lot more than killing people. Copyright infringement is a MINOR use of the Internet. How about something more like leaving your porch light on, and someone uses the ability to see by that light to commit a crime, and you getting charged for that? That's more analogous to what happened here.

Re:I see.

[Shakrai]

You rather missed the point I'm afraid, but to answer your question, his case hasn't been decided yet. The punishment for a Class A misdemeanor in NYS includes up to 12 months of jail time and a rather hefty fine (I want to say $10,000 but I'm not sure). I doubt he'll get that much of course. He will lose his pistol license, which means he can never legally possess a handgun in New York State.

That last bit irks me a little bit, because it goes back to the double standard. When was the last time you heard of someone losing their drivers license over a property damage accident? Hell, we've got people on the roadways with a few DWIs under their belt who keep getting drivers licenses. Why the double standard? Cars can and do kill, more people than guns do as a matter of fact. Either guns are excessively regulated or cars aren't regulated enough.

Re:I see.

I did read his whole message. He had two unrelated points. I responded to the first point but did not respond to his second point. His second point (about how lax we are with drivers) I agree with 100%.

Re:I see.

[value_added]

We must have skipped over the part where it became reasonable for a government to tell you that you must lock your door.

Why not? They can tell you to mow your grass when the weeds get too high, and they can tell you to fix broken windows and doors. And if you're an absentee landlord whose property is used by drug dealers and vagrants, you can be sure you'll be held liable for the goings on.

Seems to me that along with benefits of living in a modern society there are obligations, something that all the Captain Liberty folks complaining about government (while waxing nostalgic about a mythical past they never knew) ought to consider.

As for the ruling, well, it's a legal issue, innit? Opinions are irrelevant. That's not to say I endorse the idea, just that it could be viewed as reasonable. If not, it's certainly more reasonable than nutty opinions or conspiracy theories about the government or the entertainment industry.

Re:I see.

No, the homeowner is being charged with leaving the door unlocked, not murder.

No, he is not being charged with leaving the door unlocked either.
He is sued in civil court to enforce that he now locks the door.
He is sued by a party which was damaged because he failed to lock his door.
Note that he does not have to pay their damages because of the locked door.

Re:I see.

[Frank+T.+Lofaro+Jr.]

I guess it is illegal for a private person to leave their WiFi open, even if they were doing in the the spirit of sharing, or for convienience of guests, or anything.

Starbucks is a company, doing it to get more business and more money, and hence they would be considered to not be breaking the law, I guess.

We will see if a private individual explicitly leaves an open WiFi as a public service, and still gets fined, rather than "negligently" leaving it open. Then they could raise that as a defense and the gov't would have to admit there are different rules for different people or do something else.

Re:I see.

[dave420]

It depends on the country. Many have laws requiring firearm owners have suitable secure storage for their weapons. So yeah, if you screw up, you get in trouble.

Re:I see.

[wastedlife]

Maybe if we reformulated this into a pizza analogy...

A non-SSID-broadcasting router is like leaving a pizza from Little Caesers out on a platter with a sign saying "free pizza if you can figure out what brand it is". One taste, and after they are finished vomiting they can easily figure it out.

An SSID-broadcasting router is s like leaving a pizza from Little Caesers out on a platter with a sign saying "free pizza, just shout 'Little Caesers' and you can have some".

Of course, free wifi is something that pretty much anyone would take advantage of, but you would need to be very desperate to take some Little Caesers pizza.

This message brought to you by Little Caesers, even we agree that our pizza is shit.

Re:I see.

[Low+Ranked+Craig]

They tell us we have to wear seatbelts

Completely different. Arguably during an accident a seatbelt can potentially keep the driver in his seat, and can keep the driver or passenger from becoming a missile and injuring someone else, as well as reducing stress on an already stressed public emergency system. THis is a far cry from requiring me to lock my door because someone might steal some cutlery and stab someone with a fork, or requiring me to lock down my router because someone might part in fron of my house and torrent Avatar

Would you be comfortable with a person storing their guns on their front porch?

Depends on the neighborhood, the neighbor and the gun. Leaving a loaded handgun on the front porch in a neighborhood full of kids? No. In my neighborhood a significant percentage of my neighbors have rifles and shotguns, and a number of people keep them in the garage, unloaded, and people leave there garage doors open all the time. No problem. They also have assorted power tools, and other implements that pose a significant risk, like gasoline in cans, butane torches, nail guns, baseball bats, etc. I guess where I live it must be less common for people to screw with other people's stuff.

Re:I see.

[Shakrai]

(Of course first I'd have to go buy a gun.)

What's stopping you? Rights not exercised are rights lost.

Re:I see.

[Low+Ranked+Craig]

Reading comprehension is a beautiful thing. Get some.

Re:I see.

[ivan_w]

The security device in itself wasn't circumvented.

The security device in this case is used to prevent unauthorized access to the WiFi - NOT to prevent access to your Internet Connection. The WiFi access in itself was never broken in - and if this is what you are trying to protect - then it has performed its duty - and was never circumvented.

Now, unfortunately for your hacker, my house is protected by flying sharks with friggin' lasers - so once you enter my house, you are blown to smithereens (Humm.. is that a word ?) by my *secondary* security device !

But I hear what you are saying. Unfortunately, your post seemed to infer that proper securing of WiFi access points is moot to start with (and can be easily bypassed) - when I believe it is not. Breaking sufficiently large symmetric ciphers is NOT trivial (like you'd see on TV shows).

Also - on a side point - Mr "Elite Hacker", not wanting to be indicted for larceny, will probably just go do his road warrior thing a bit more until he finds a more accessible access point to perform his mischief.

Re:I see.

[Frank+T.+Lofaro+Jr.]

Automobiles can and do kill -- but when was the last time you saw someone receive a criminal charge for an automobile accident that resulted in property damage and no personal injury?

Often. In Las Vegas, almost any accident results in someone getting a ticket, and traffic violations in Nevada are criminal offenses. *

* Misdemeanors actually, we appear to not have a violation/infraction severity, although most tickets in practice only result in fines/points/traffic school. Which is good, because otherwise half the city would be in jail with the way people drive here! :)

Re:I see.

[Sir_Sri]

no, you could be fined for not properly securing the firearm in the first place (which includes not locking your door). I fail to see how that is unreasonable. I have to keep a locked gate around my pool, firearms have to be kept in a secure case etc.

Requiring a password on a wireless network is, at least from a technical security perspective a bit screwy. You can't keep a gun in a cardboard box and call that secure, there are actually government approved gun cases in some places and one naturally must store their firearm in one of those for it to be considered 'secure'. But a password of 1. Or a password sent in plaintext, or a default password or any number of other things that destroys the actual integrity of the password sort of diminishes the point, if the government (in this case german government) is going to require you to pwd protect your network they should require devices sold meet a number of 'assume the user is a moron' standards so that the user must create an actually useful password in the first place - or wilfully not create one.

Re:I see.

[Shakrai]

Answer: he throws a brick through the window, enters the house, and HOOKS HIS LAPTOP UP TO THE DSL MODEM.

My DSL modem is secured with a 12 gauge shotgun linked to a switch that will pull the trigger as soon as the ethernet link is tampered with ;)

Re:I see.

[GungaDan]

"This is the best post on /. I've read in years. Do you offer security consulting services?"

Or bricks?

Re:I see.

[Cruciform]

During our firearm safety course the instructor talked of a friend with a collection rivaling his (huge) that had the equivalent of a bank safe full of guns in his basement. He went on vacation, and while he was gone thieves broke into his house and apparently spent *days* breaking into the vault with a jackhammer and other tools. They finally cleaned him out.

When he returned home and reported the theft he was charged with improper storage of firearms. Their reasoning? Because he left the collection without someone to check on it while he was gone he wasn't taking adequate responsibility to ensure the guns didn't fall into the wrong hands.

Heavy fines and a firearms ownership ban were applied. This took place in Canada.

Re:I see.

[Shakrai]

That's interesting. So if I get a traffic ticket in NV I have to answer "yes" to the question of whether or not I've ever been charged with a crime? My state defines three types of offenses: felonies, misdemeanors and violations. Traffic citations exist in their own category, they aren't considered crimes of any type (except for DWI/reckless driving/etc of course)

Re:I see.

[xaxa]

On the other hand, someone might try to get in, find the door locked, and move on to the next house.

I'm sure someone could steal my bicycle [again] if they wanted to, but why bother cutting through two high-quality £50 locks when there's a bike with only one lock on the next stand?

Back on topic: even if I didn't lock the bike, I doubt I'd be liable if it was stolen and used in a crime.

Re:I see.

[wastedlife]

Not a very good analogy. Depending on where you live, you might be charged for failing to secure your firearms for the gun example. Even if you don't agree with gun control, leaving a weapon out is a bit more severe than having an open wifi connection.

A better analogy would be if you left your door open and someone sneaks in and used your computer to make copies of a CD or DVD. Then, since you weren't home to commit the heinous copyright infringement, they charge you with leaving your door open.

Re:I see.

[Frank+T.+Lofaro+Jr.]

This was a CRIMINAL case. They were fined 100 euros (since when is that only $126 US, what is going on with exchange rates?!) for having an open WiFi. So it is now illegal in Germany to provide free WiFi, unless you are an ISP or a business providing it.

I guess if you opened a coffee shop in your living room it might be a legal gray area...

Re:I see.

[MediaCastleX]

People who leave things unsecured are responsible for creating thieves and crime...Just watch Full Metal Jacket, Senior Drill Instructor Gunnery Sergeant Hartmann said so! There's a reason locks and passwords are made, if you leave things out in the open, you run the risk of having it taken and therefore responsible for said actions. It's all about responsibility, see? You know we have this freedom and can do whatever you like, but you might have to pay for the consequences. It's your stuff, man, protect it and yourself! It's what any good citizen should do. =D

Re:I see.

[witherstaff]

Yes, starbucks is liable if the cops wanted snooping. According to CALEA everyone with wifi is responsible for wiretapping the feed, in real time, and streaming it to the feds. This is not the last mile ISP's problem, it's whomever is giving the last link - personal, corporate, anyone. If you don't have the tech ability to do it, too bad. 10K a day fine. Oh and if they demand it of you and you can't just do it you also are not legally allowed to just turn it off.

CALEA is big brother at its finest.

Re:I see.

[celle]

"Owning a gun is a right, but you have an obligation to practice that right in a responsible manner."

No you don't, that's why it's called a right and not a privilege.

The court decision is Bullsh*t. Leaving a house unlocked is a temptation but still the perpetrator still has to make the decision to walk through the door. It's on the perpetrator at that stage since he/she doesn't have permission to go in and that's where it becomes wrong. What they should have done was nail the guy for using his wifi as a breaking and entering scenario since he didn't have permission to use it. Kind of like cordless vs cellular phones in the US.

Re:I see.

[natehoy]

See, that's where the "locked door" analogy falls apart, which is why it's a poor analogy.

So let's not use analogies. Let's just talk about what really happened rather than trying to shoehorn in bad analogies (with apologies to BadAnalogyGuy... you know we love you, man!).

This opens a series of liability issues that are not really analogous to anything to do with physical security. If your connection is used for some illegal or infringing purpose, who is liable?

Well, IANAL, but it seems to me that there are several possibilities, and the laws are not yet clear on this.

The basic possibilities I can think of are:

1. The account owner could be held liable unconditionally. They left an open access to the Internet in a public place, and anything that happens on this connection is their fault. Similar to an "accomplice". This seems entirely unreasonable, but it is one possibility.

2. The account owner could be held conditionally or partly liable. If they can demonstrate that someone else used their connection, and demonstrate willingness to give up whatever information they have to help identify the real liable party, they might be absolved of liability or at least be liable for a lesser amount or a lesser crime. Similar to an "accessory".

3. The account owner could be held responsible only for providing the connection, which would be a much lesser fine. This is apparently the position the German government is taking in this case. They want people to secure their access points so they are letting people off with a small fine that is still large enough to encourage them to go home and secure their connections.

4. The account owner could be completely absolved whether they can prove someone else did it or not, at which point all copyright infringement and other activities become unenforceable as soon as you can demonstrate you were running an open access point and anyone else COULD have used it.

Obviously, there is the issue of people not wanting others to use their connections, and asking the law to protect them. But, if you leave a router in a configuration that invites connections and allow that signal to go into a public place, how is another law-abiding citizen going to differentiate you from someone who does allow use of their connection?

If you leave your WiFi unlocked/open with SSID being broadcast, you are leaving it open for others to use. The nature of WiFi is that, if you leave it open, it invites people to use it. If you leave it open and you arrange (or fail to prevent) it in such a way that the signal reaches a public place, that invitation is now being made in a public place. Assuming no one has trespassed on your property to do it, the people who "leech" off your connection are not "hacking" in to your connection, their equipment is responding to an open invitation in a public place.

Many wireless devices autoseek the strongest open connection and use it automatically, so leeching on a neighbor's open account is all too easy in an apartment building or a neighborhood. If I have a secured WiFi access point on one side of my apartment, my neighbor's open access point could very easily be stronger on the other side of my apartment, and since the signal has "intruded" into my apartment and is stronger than my signal, my laptop will automatically switch over to his connection. That's the way 802.11 works.

Frankly, if you don't want people using your access point, turn off SSID broadcast or put some basic security on it, or make sure you aren't leaking the signal into public places or places owned by others. And, really, it takes just a minute or two to turn off SSID broadcast and tell your client equipment to connect to a "hidden" network, and that makes it obvious that you don't WANT connections.

And, given the changing state of the law in terms of liability, it's honestly in your best interests to do so. The law may or may not protect you, so why not just protect yourself and end the debate?

Re:I see.

[MediaCastleX]

Ever wonder if legal jargon is really just magic spells being spoken aloud? Lawyers and judges could actually be modern-day warlocks and witches locked in an eternal battle for good and evil on the battlefield of the court!

Re:I see.

[ildon]

You have daggers?

Re:I see.

[nurb432]

Yes, it was criminal ( in more ways then one :) ), however the post i was responding to did mention a civil suit, so included a comment about that too..

Re:I see.

[swillden]

If they feel it was reckless, an arrest (and criminal charge) will be made. If they feel it was just an inexperienced driver acting immaturely they will usually let it go

That is the point. With a firearm recklessness is essentially presumed. With the vastly-more-dangerous automobile, it's not. That is a double standard, and it's better for society to be consistent. We should either relax about negligent firearm discharges, etc., or get serious about vehicle negligence. I prefer the latter, myself.

Re:I see.

[natehoy]

It will at least demonstrate to any reasonable court that you made an attempt to indicate that your router was not for public use. Whether that would absolve you of any liability if your connection was used for nefarious purposes depends on your local laws.

Your best bet is to make every reasonable effort to ensure that your connection cannot be used for anything bad. Then you don't have to worry about someone else protecting you, and you never have to face whatever decisions are ever made about the liability of the account holder.

The most reliable way to do that (short of turning off the wireless or restricting the signal to your own property, of course) is to set up the most secure protocol you can and secure it with a reasonably complex key. The more you secure it, the less likely it will be that you ever have to face any liability issues. Use the highest level of encryption that works with all of your gear.

If you need to run it unencrypted for some technical reason (really old piece of network gear that you can't upgrade), then turning off SSID is at least a token effort on your part, though I'd seriously consider adding MAC address filtering to that if you can manage it.

But, if "SSID broadcast = off" is really all you can do (for technical or competence reasons), then I'd urge you to do that, at least.

I've set up secure networks for at least 5 people - they bring their router in, I take it home, flash it with the latest firmware, set up a WPA2/TKIP with a complex password that we've worked out together, set the admin password to something complex that I've also worked out with them, then bring the router back the next day ready to go. I have never, ever had the slightest complaint about anyone connecting to the resulting network.

My going rate is a six-pack of something interesting. ;)

Re:I see.

The Polizei give tickets for not locking your doors on your car. This is very annoying with a cloth-top as the thieves CUT the top to get in. You could leave the door unlocked, but then the other thieves (police) rob you.

Re:I see.

[3vi1]

After breaking into the house, wearing a mirror covered suit of sharkproof chainmail, he used a paperclip to reset the Wifi router to factory default passwords.

Security circumvented.

Re:I see.

[Arcady13]

Since the prison sentence for copyright infringement exceeds that of many violent crimes, I would say it is a fair comparison.

Re:I see.

[modecx]

Come to think of it, last I heard only Hawaii had a safe storage law.

Re:I see.

[Creepy]

Exactly, and more specifically, if this weren't specific to private citizens, it would essentially criminalize every wireless hotspot because as soon as that person is off the net, there is no way to track them down (any smart criminal can be anonymous by trashing IP leases and spoofing a MAC, if required [mainly for IPv6, since IPv6 addresses are generated "uniquely" using the MAC]). If this were applied to businesses, the only way to have a legal hotspot in Germany would require a user to present a legal identification card in addition to showing the IP being used after connecting (to map the DHCP address to the user), and then the user would have to only use an insecure connection so logging of all activity could be done. Basically, they are saying that private citizens don't have the same rights as businesses.

    About the only way I see to make this universally legal is to force IPv6, make users register their IP and MAC code with the government, make it illegal to change the IP or MAC address, and issue at least a 1024 bit encryption code to access the Internet with that IP (a high cubit quantum key would be better, but I'm being realistic). If someone steals something using your IP, it would be treated as identity theft if they don't find the goods on your machine. OK Germany, there is the plan, good luck implementing it at reasonable cost.

    I can't imagine the lawyers involved in the defense on this case were competent in any way.

Re:I see.

[macaulay805]

Interesting, why re-inforce the front door when you leave the window wide open? This is where defense in depth comes in. Had the owner, I dunno, setup 802.1x or something on the open ports, or required each port to VPN into the real network, then this could have been avoided with a simple brick and window solution. Either way, you can't really stop a determined attacker, you can merely slow them down and fend them off. Well, the paitent ones anyway.

Re:I see.

[severoon]

This is why our luckless perp should have been running a Tor server. What?!, he'd say. I'm just providing a service no different from ISPs! I have no control over what people do with it!

Re:I see.

[Carnivore]

But according to this quotation:

The court also limited its decision, ruling that users could not be expected to constantly update their wireless connection's security -- they are only required to protect their Internet access by setting up a password when they first install it.

You should be protected if you have any password. Of course, this isn't the actual statute, so the wording could be more specific. Even if it is, are they going to codify the amount of entropy that you must include in your password? It seems like you could leave it as "password" and you're legally protected.

Re:I see.

[squiggleslash]

With respect, you're basically changing the subject. This isn't a game of oneupmanship!

The issue here is that you're liable because you made no effort to secure the router. Any effort, no matter how token, would change that as long as it was done in good faith. No court is going to expect you to take extreme precautions, because virtually every method you might choose is circumventable even if, at the end of the day, it involves someone throwing a brick through your window and hooking up a wire. Yes, it's more likely the hacker will find another victim than try to break your security, but in all honesty, that's true if you made a token effort to secure your network anyway. An unsecured network with a SSID of "linksys" will always be the first choice of anyone trying to casually get an internet connection. Courts look for some security, not perfect security, because there's no such thing.

That's the point I was trying to make, and why I made the explanation in response to your original comment.

Re:I see.

[Smauler]

Arguably during an accident a seatbelt can potentially keep the driver in his seat, and can keep the driver or passenger from becoming a missile and injuring someone else

Ok.... this kind of argument isn't going to help the pro-open access crowd. To be honest, the human missile argument wasn't really used all that much with regards to the seatbelt law either. Maybe it should have been, since there were thousands of third person human missile fatalities prior to compulsory seatbelting.

Re:I see.

So I guess if I were to drink some copy and download copyrighted material at the local coffee shop that has open-wifi connections then they're liable for what I download. What starbucks needs to do is hire a taskforce of people to put all the open wi-fi mom and pop shops out of business.

Re:I see.

[Artifakt]

That's the real crux isn't it. Will this law be used to charge any large corporations? If not, doesn't that say the people enforcing this law know it's not really valid by their system and wouldn't stand against someone able to afford a good lawyer's challenges. Isn't it entirely probable for this particular case that people are using business's free wi-fi sites for illegal downloading at least as much as their neighbors?

Re:I see.

[Frank+T.+Lofaro+Jr.]

I sleep with a loaded pistol on my nightstand because I live in a second floor apartment with no means of escape. Such behavior would be unthinkable if I had kids but is perfectly acceptable for an adult living by himself.

Just be careful if the phone rings.

Someone got a Darwin award for shooting himself with a gun when he put it to his ear when the phone rang.

Re:I see.

[thetoadwarrior]

If I recall you can get in trouble for irresponsible gun ownership so yes if you don't protect your gun you may end up in trouble if it's used in a crime.

Re:I see.

[Itninja]

I don't think it's a double standard. In most municipalities, firing a gun within the city limits is a crime regardless of damage done (except in cases of defense). If it's outside the city limits the police have to decide if the shooter was being negligent (i.e. being drunk, juggling pistols) or if it was just an honest mistake. I think that, since it's far more difficult to accidentally fire a gun (e.e. safety, unloaded) than it is to accidentally get into a car accident, the standards of accident vs negligence should be higher for guns.

Re:I see.

That's because pretty much everybody recognizes that locking a vehicle up is a reasonable and acceptable method to control access to it.

This doesn't stop people from being charged when say they leave a kid in a car and the kid makes it go off somewhere. Or maybe they don't get charged because the kid was reasonably old enough but did something dumb. Or maybe it was an adult who let the brake off. It happens.

See, human beings are capable of making judgments even if they can't necessarily articulate them in clear and easy logic.

Maybe you should have learned that on the way to your degree?

Re:I see.

[Jawnn]

Murder? Wow. Way off.

This is more akin to having a car that everybody in the neighborhood shares. Therefore it's always open. Some creep takes the car, gets charged with speeding, and the owner gets jailtime for negligence. This law is basically discouraging charity & sharing. It's stupid and typical of a judge who should not be a judge.

Charity and all that is cool. No argument there, but hello? At some point, you have to take some responsibility for your stuff. Want to share with your neighbors? Fine. Provide a way for them to contact you and identify themselves, and for your sake, sign some acceptable use document. Allowing the world anonymous access to your network is beyond irresponsible.

Re:I see.

[Smauler]

The law may or may not protect you, so why not just protect yourself and end the debate?

Because some people think that leaving wi-fi open is an expression of goodwill... sharing. I do not mind if others use my wifi, I quite like people doing so. If someone starts using lots of it, I'll block them, at least temporarily. That hasn't happened yet. There are people living close to me who are on low incomes (and bad credit ratings), and will find it tough to fork out for (or get) stable internet access. I do not mind sharing mine.

In the UK, the Conservatives recently campaigned hugely about "big society". Laws that hold those responsible for sharing liable go directly against that theme. Alienation from local issues destroys communities, lack of cooperation locally destroys communities.

Re:I see.

[warGod3]

Yeah, I'd use Law and Order as a reference to go on for legal issues...

Like I'd use the barrel of a gun scratch myself with.

Re:I see.

[Your.Master]

Almost every other example you gave are local ordinances designed to keep your neighbours' property values from plummeting, (and maybe reduce crime via "broken window theory"). Locking your door addresses none of them.

I do agree with much of everything else you say here, but I disagree that there's any relevant, reasonable precedent for the government legislating that you lock your home door (a behaviour that only appears common, in my experience, in cities and some large suburbs -- but then, I'm Canadian :)).

Re:I see.

[swillden]

I don't think it's a double standard. In most municipalities, firing a gun within the city limits is a crime regardless of damage done (except in cases of defense).

I haven't seen a municipal discharge law that doesn't exempt accidental discharges.

Re:I see.

[Grishnakh]

You rather missed the point I'm afraid, but to answer your question, his case hasn't been decided yet. The punishment for a Class A misdemeanor in NYS includes up to 12 months of jail time and a rather hefty fine (I want to say $10,000 but I'm not sure). I doubt he'll get that much of course.

As a gun owner myself, I'm not sure this guy should own any guns if he can make a mistake like that. Doesn't everyone know by now that the first thing you do before you clean a gun is to remove all the ammunition, and to check that the chamber is empty? And that the second thing to do is to re-check that the chamber is empty? Honestly, what is with all these idiots that have ADs while cleaning guns?

He will lose his pistol license, which means he can never legally possess a handgun in New York State.

This isn't a big deal. NYS sucks anyway, and there's 49 other states he can move to quite easily. About 40 of those states are gun-friendly, and don't require something as inane as a license to own a firearm. Just pack up and move, and file change-of-address forms, and get a new driver's license in your new state. There's nothing to it. For him, since he's in NYS, Vermont, New Hampshire, and Pennsylvania would probably be good choices without having to move very far. Maine would be nice too, although it's a little farther.

That last bit irks me a little bit, because it goes back to the double standard. When was the last time you heard of someone losing their drivers license over a property damage accident? Hell, we've got people on the roadways with a few DWIs under their belt who keep getting drivers licenses. Why the double standard? Cars can and do kill, more people than guns do as a matter of fact. Either guns are excessively regulated or cars aren't regulated enough.

Exactly right. IMO, it's both; in oppressive states like NY, guns are indeed excessively regulated, and everywhere, cars (actually drivers) aren't regulated nearly enough. Why should anyone with a DWI be allowed to drive again? At the least, they should have their license revoked for 6 months or a year. And why should anyone with a revoked license found driving be given anything but an extremely harsh punishment, such as seizure of their vehicle and a year in jail?

Re:I see.

[herojig]

Ha - and instead of the government protecting your doors from crooks, they are tied up with chasing clueless users of wi-fi routers. The world has gone nuts...in just a few decades.

Re:I see.

[Itninja]

Me neither. But, again, determining if it's an accident is at the discretion of the police on the scene. If the shooter just says "oops! my bad", and the cops think something fishy (i.e. guy 'accidentally' fires his gun often or it seems more like teenagers screwing around), then they will charge them.

Re:I see.

[desertfoxmb]

Actually it's more like someone walks into your unlocked house, steals a bunch of dvd's, makes copies and sells them on the street and you get fined because you didn't fulfill your supposed "obligation" as a consumer of a product to make sure no one pirated copyrighted material. No matter how you look at it, it's bullshit.

Re:I see.

[Runaway1956]

You know for a fact that Texas requires you to lock your weapons? Citations? http://ss.utpb.edu/media/files/university-police/TEXAS-WEAPON-LAWS.pdf

I skimmed through that, looking for lines that said I must lock my weapons up. Yes, there is a requirement to prevent children from accessing "readily dischargeable" weapons - but there are a whole meadow full of loopholes written into it. Basically, if you have no children living in your house, and don't invite them in, there's no reason to lock a weapon. Even if you DO have children, you can store the weapon and ammo in separate areas of the house, and comply with the law.

I live 20 miles from the Texas state line, and no one I know actually locks up weapons, unless they are collectors with high value antiques or specialty weapons.

Re:I see.

We have a different weapon law in Germany, here you are forced to lock your guns away. If you don't store them securely, you are breaking the law and if someone steals your gun and commits a crime, you can be held responsible. There was the guy, who took the gun of his father, went on a killing spree at his school and killed himself. Law suit against the father is still running afaik.

Re:I see.

[Smauler]

I've always had a complete disregard for security. Admittedly, most of the stuff I've ever owned hasn't been worth all that much... I've had expensive bikes, a few decent cars, expensive computers, moniters & TV's etc. I've never owned my own home. I leave just about everything unlocked, all the time. Currently I live in a "good" area, but I lived in Leytonstone and worked in Hackney for a few years when I was younger, and kept the same principle throughout. My complete disregard for security has served me _very_ well. I could very easily replace everything I own (and more) on the savings I have made by not buying insurance throughout. Two high quality £50 locks would cost me £100... if I had ever bought them, I'd be £100 down.

Re:I see.

People like you make me sick. No one has any right whatsoever to tell me what to do on my own property. If I want to leave my door unlocked, it is my decision. If I want to paint my house hot pink and let the weeks in my yard grow ten feet, it is my decision. If I want to share a service that I paid for with the outside world, it is my decision. As for you, get off of my unmanicured lawn.

Re:I see.

To be fair: Liability on the internet is not a cut and dry scenario.

If a major internet service provider doesn't implement proper security measures and doesn't monitor their networks well, resulting in a high influx of botnet perpetrators running on it, don't you think the ISP shares some responsibility for that?

As a purchaser of an internet connection, a person has effectively become a lower level of the internet network. If others are aloud to use their connection, they are then as well an ISP.

If this story wasn't about "piracy", and instead the wifi perpetrator used the connection to launch a new virus onto the internet anonymously, I think many people on this site would be blaming the consumer for idiocy, instead of defending his/her right to be an idiot.

I'm not saying the judgment was righteous, I'm just saying it's not so black and white. Where the lines are and should be drawn as far as liability and ISPs is not well established.

Re:I see.

[zill]

My going rate is a six-pack of something interesting. ;)

What's the going rate for those WPA2 passwords? ;)

Re:I see.

[dotgain]

To be honest, I believe the the case you're discussing is far more serious.

I don't really know why there are so many accidents with loaded guns, but I know I'm not missing something here: It is so easy to disable a gun from firing by removing the ammunition, rendering it no more harmful than a brick, with no chance of accidentally re-enabling it. We can't reasonably operate cars in this manner, however if you don't know how to safety and unload your own firearm, it's unquestionably in the wrong hands.

Maybe I haven't got your story straight, maybe he accidentally fired while unloading and checking before cleaning - sorry if this is the case. And I do hear you clearly on the disparity in people's thoughts on the dangers of guns versus cars, there's been a lot of hype and BS. And while I don't consider either of them to be "killing machines", there's one thing for sure about a gun, they do nothing but harm to what they're used on (unlike cars) whether or not that is desirable, and are designed to be easily safetied in light of that fact.

Re:I see.

Thank you for pointing out that other slippery slope we're half way down.

Wearing a seatbelt is something that primarily affects YOU, the one it protects (or slices in half depending on the force of the impact).

You're now arguing that a Wi-fi connection is a "dangerous weapon". There is a VERY VERY FUCKING BIG difference between a wi-fi connection and your standard pre-loaded semi-automatic. At most, the connection can make a copy of something. A lethal weapon is designed and intended to destroy the original copy of something.

Re:I see.

[Shakrai]

Honestly, what is with all these idiots that have ADs while cleaning guns?

No such thing as an accidental discharge. Let's call them what they are, negligent discharges.

This isn't a big deal. NYS sucks anyway, and there's 49 other states he can move to quite easily.

South Carolina sucks anyway, and there's 40 other states without Jim Crow that those African-Americans can move to.....

Re:I see.

In some places, that's called "setting up a strawman"...

Re:I see.

[ivan_w]

And what I am saying, with all due respect, is that the notion that "virtually all security devices can be circumvented" is misleading.

If you take it into a broad and global sense, that's of course true - but becomes very impractical after a bit. If you can't break the Wifi, you break the house. If you can't break the house, you break the ISP's premise. If you can't do that, you start a revolution and take over the country, then nuke the country, start an intergalactic war, etc..

However, you can only talk about the validity of a security device by the scope of the resource it is protecting. And in that respect, a Secured Wifi setup can only secure *ONE* thing : your wifi connection (but not any underlying resource - your house, your DSL modem - or your kitchen stove).

The whole point of a security device is to make it so that it is not economically viable to go *through*.

And in the respect of the OP context, the proper setup of the WiFi as a security device would seem to have been enough to secure both his WiFi and his internet connection and thus is liability with regard to German law. IANAL, but if someone broke in (thus - in your term - circumvented the security device(s) - the WiFi protection, the door lock, the window glass, whatever) and downloaded whatnot from the DSL line - he would have not have been liable since he would have put reasonable effort to prevent the misdeed from happening - and thus, the security device would have performed its function.

Re:I see.

[Smauler]

Guns aren't as important as cars. That's the reason. You can live your life without a gun very easily - without a car, it can be difficult, especially in loads of places in the US AFAIK.

Re:I see.

[Shakrai]

I don't know how he managed to have a negligent discharge. I've never had one in 15 years of handling firearms. I don't have much sympathy for him with the criminal charge and loss of pistol license either. My only point was that we treat car owners with kid gloves when they destroy property while gun owners are punished for what "could of" happened even when it didn't....

His bullet through his neighbors wall caused nothing more than drywall damage. Easily repairable with a patch kit and some spackle. Probably less than $100 worth of damage. Does that dollar amount of damage caused by a motor vehicle result in criminal charges? Worse, does personal injury caused by a motor vehicle often result in criminal charges?

Re:I see.

[Grishnakh]

South Carolina sucks anyway, and there's 40 other states without Jim Crow that those African-Americans can move to.....

I wouldn't move to SC either. However, Jim Crow laws are ancient history now, so that's really a red herring. But living in any state means you need to live with the other people there, so regardless of the laws, you'll still have to put up with the attitudes and local culture. If you don't like those, move. There's a lot of other states to live in.

Mississippi is pretty gun-friendly too, but I wouldn't want to live there.

Re:I see.

[cayenne8]

"If the court thinks you did it on purpose, then yes it does. If it was truly accidental then i think you could still get sued in civil court for negligence. There have been many cases of people not their securing firearms being successfully sued when someone dies as a result."

Hmm....that would depend HEAVILY on what state you live in, most likely I'd guess...a more northeastern state.

Down here, if they catch the guy, they'll likely give you your gun back and let you shoot the thief!!

I kid...I kid, but seriously, you'd never hear of anything like that happening down here like that.

Re:I see.

[Shakrai]

Did I miss the part of the US Constitution that says the right to keep and drive cars shall not be infringed?

Re:I see.

[Culture20]

Answer: he throws a brick through the window, enters the house, and HOOKS HIS LAPTOP UP TO THE DSL MODEM.

Also - on a side point - Mr "Elite Hacker", not wanting to be indicted for larceny, will probably just go do his road warrior thing a bit more until he finds a more accessible access point to perform his mischief.

Until all wireless routers are mandated by law to be well-secured. Then breaking and entering becomes an easier method of gaining internet access. And internet access is coming ever closer to being necessary to function in today's society beyond subsistence level, so the desperation necessary to make ordinary Joe commit a higher-order crime like breaking and entering just for internet might exist soon.

Re:I see.

[Smauler]

No, I was just trying to point out why car ownership may be a lot more important to most US citizens than gun ownership. I wasn't referring to the constitution at all.

Re:I see.

[cayenne8]

"They tell us we have to wear seatbelts. What's so absurd about telling an individual who owns dangerous weapons that they have to keep them locked and secured? Would you be comfortable with a person storing their guns on their front porch?"

Frankly, I don't see that the govt...at least the Federal Govt of the US should be able to mandate you wear a seatbelt. I think if you're a grown adult, you should be able to make that choice.

Others here have made the argument about it helping keep you in control of your car during an accident..ok, maybe I can see that. But I don't agree with things like motorcycle helmet laws, etc. If you're stupid enough to ride w/out a seatbelt or helment well, that should be your problem. Perhaps you need to remove yourself from the gene pool anyway, you know?

What state do you live in that requires you to lock and secure your weapons? I've never lived anywhere that requires that, hell in my state, you don't even have to register any of your weapons. The state has NO idea what guns I own, have bought or sold (I deal strictly with private transactions between individuals, no gun stores for me).

Re:I see.

[Shakrai]

Eh, I was making the comparison to another state that historically trampled on the constitutionally protected rights of it's residents. New York State has no more right to require me to get a license to own a handgun than it would have to require me to get a license to post this comment on /.

The Jim Crow comparison goes even deeper than that too. Remember when the Southern States imposed poll taxes to keep blacks and poor whites from voting? That's exactly what New York City does with firearms licenses. It costs more than $430 to apply for a NYC pistol license. Said license may not even be issued and even if it is will need to be renewed in two years. The objective is to make gun ownership so costly and such a PITA that nobody bothers.

Telling someone they should have to move to another state to exercise their inalienable rights is not a valid answer, IMHO.

Re:I see.

[Creepy]

You obviously haven't lived around farmers - some practically do have them on their front porch (due to the elements they keep them under something or indoors, though)... I know several that not only leave the house unlocked, but store loaded guns in the garage or a utility room on a unsecured gun rack (with the safety on, of course). A fox in the hen house and rabbits in the garden require quick attention. My grandpa used to store them unloaded, but with bullets handy nearby and fairly high up so kids couldn't reach them. By the time you're tall enough to reach the guns, you are expected to know how to use them safely and hopefully hit whatever you're shooting at. Grandpa wasn't too tolerant of pets, either - if a dog got in the hen house, the owner of that dog would have to put it down (one of my uncles had to do that twice, and I imagine killing your pets is quite traumatic - grandpa also shot my favorite farm dog for that offense).

And this is more akin to you leaving the apartment complex door open and your neighbor getting robbed. As for seatbelts, the laws themselves aren't quite the right analogy - it is more like a driver who picks up a hitchhiker on a dark night and at first she puts on her seat belt, but as the driver slows and approaches a brightly lit sobriety checkpoint, the passenger takes off her seatbelt, jumps out of the car and runs. A cop saw her remove her seatbelt while the car was still in motion and tickets the driver for having a passenger not wearing a seatbelt without chasing the passenger, who is actually a heroin mule running drugs.

Re:I see.

Germany has many laws that normal 'law-biding' citizens of other countries might find objectionable. Friends of ours spent two years there while the husband/father did a stint with Motorola. The got fined once for 'improper placement' of their garbage containers on the garbage pick-up day.

Re:I see.

My wife and I sleep with 3 loaded pistols next to our bed, plus a shotgun and an AR-15 behind the bedroom door. We live in Phoenix where home invasions by armed men happen every day.

Re:I see.

[HaZardman27]

You say that now, but you'll feel differently when someone steals your maple syrup.

Re:I see.

[Duradin]

"you can't use a car to shoot a politician or other government official or functionary that's come to seize your property and your freedom..."

You don't shoot people with cars, that's silly, though if done it would be awesomely silly. You run them down, back up, and repeat a few times.

Re:I see.

You're forgetting that wearing a seatbelt stops you from fucking up while driving or getting hurt, preventing them from using *your* wifi doesn't stop them form torrenting crap.

Re:I see.

[HeronBlademaster]

You're pretending that setting up an open wireless access point automatically makes you a "telecommunications carrier". There is no legal precedent for that, as far as I'm aware, and it wouldn't make sense to classify private citizens as telecommunications carriers just because they set up a $50 wireless router.

Re:I see.

[Grishnakh]

Telling someone they should have to move to another state to exercise their inalienable rights is not a valid answer, IMHO.

It comes down to whether you want to choose principles or pragmatism. NY has probably had these restrictive gun laws longer than I've been alive (I just turned 36). You can call them "unconstitutional" all you want, but that's only your opinion (and mine as well, FWIW). Just like the JC laws, they're only truly unconstitutional when the Supreme Court rules them so. How long do you want to wait for that? How much energy do you want to put into a legal fight to get the Court to agree with you?

There's tons of things that are legal that are unconstitutional. The Patriot Act, all kinds of illegal searches and seizures (try carrying $100k in cash with you and see what happens when the cops stop you--they'll take the cash as "drug money" even though you probably won't be charged with any crimes), various gun laws, etc. If you want to fight these laws, go ahead. But you may spend your entire adult lifetime doing so. Or, you can move to a state where the political climate is more agreeable with your principles, and live in peace. You can still fight against the injustice from there, by supporting political organizations or whatever, but at least you won't have to live under the bad laws.

Re:I see.

[Smauler]

Exactly right. IMO, it's both; in oppressive states like NY, guns are indeed excessively regulated, and everywhere, cars (actually drivers) aren't regulated nearly enough. Why should anyone with a DWI be allowed to drive again? At the least, they should have their license revoked for 6 months or a year. And why should anyone with a revoked license found driving be given anything but an extremely harsh punishment, such as seizure of their vehicle and a year in jail?

I got a DUI (UK equivalent of DWI) back when I was 20. It was the morning after, about 5:30am, and I completely didn't think about my intake. I did no damage to anyone, and did not cause an accident, or get close to an accident. I was picked up because I was driving a little fast (only a little fast, 10mph over the limit or so). I should not have done it, and I got banned from driving for 2 years (which didn't affect me much at the time, I lived in London), and a fine. 10 years later I get turned down for a job because of that one incident 10 years ago. Now, I know I should have been punished for doing something stupid when I was 20. However, should I still be being punished at 30 for something _so_ long in the past?

In the UK drink driving convictions stay on your driving license _longer_ than death by dangerous driving convictions.

Re:I see.

[az1324]

Seems like a nice thing to do, but I'm pretty sure that is prohibited somewhere in the TOS you agreed to when signing up with your service provider.

Re:I see.

[cayenne8]

"Yes, starbucks is liable if the cops wanted snooping. According to CALEA [wikipedia.org] everyone with wifi is responsible for wiretapping the feed, in real time, and streaming it to the feds. This is not the last mile ISP's problem, it's whomever is giving the last link - personal, corporate, anyone. If you don't have the tech ability to do it, too bad. 10K a day fine. Oh and if they demand it of you and you can't just do it you also are not legally allowed to just turn it off. "

I don't think that CALEA applies to private citizens running open wifi (yet).

Reading that link, it specifies over and over again that it requires telecommunications companies to conform to it, and while I don't have the technical definition they use for a telecommunications company, from what I can read, I don't think it has (yet) been applied to private citizens running wifi at home. I don't think it even has to do with Starbucks running an open wifi...the CALEA condiderations have already been applied further upstream by the telecommunications companies that run the lines and switches that you the end user hooks to.

That being said, however, I don't doubt that at some point...they'll try to make everyone responsible for letting them more easily eavesdrop on everyone out there.

Re:I see.

[bws111]

There don't need to be such laws. Nobody cares if you leave your property unlocked or your wifi open (well, the ISP might care about that one). However, if someone uses your unprotected property to commit a crime (say drug dealing from your unlocked property or copyright infringement from your open wifi) then you share some of the blame. It is simple negligence, no new laws needed.

Re:I see.

[hypergreatthing]

hmm... elite hackers using a brick?

What kind of elite hackers do you know? Their pasty white skin couldn't stand 10 seconds in direct sunlight.

Re:I see.

[cayenne8]

"Allowing the world anonymous access to your network is beyond irresponsible."

Why? How? In what way?

And who is to say it is 'irresponsible'?

Re:I see.

[tophermeyer]

Frankly, I don't see that the govt...at least the Federal Govt of the US should be able to mandate you wear a seatbelt. I think if you're a grown adult, you should be able to make that choice.

It is usually State and local Governments that enforce seat belt laws. They tend to exist because they reduce the risk of "exploding tube of toothpaste" type of fatalities during accidents. They serve the public good in two ways. 1) They keep healthcare and insurance costs low for everybody; fatal accidents or accidents with heavy injuries are very expensive to clean and rectify. 2) They make sure that our precious children aren't exposed to images of motorists transformed into a pile of chunky red salsa. Think of the children.

What state do you live in that requires you to lock and secure your weapons? I've never lived anywhere that requires that, hell in my state, you don't even have to register any of your weapons.

Massachusetts (for one). To own a Long Gun you need to pass a state safety course and register the gun with local police. Handguns require an additional safety course and approval from your local police chief. Concealed carry permits require even more course time, approval from local police chief, and usually an 18-24 month waiting period (during which if you even get a speeding ticket you are denied). All guns must be stored unloaded in a locked cabinet or case, or with a trigger lock. Birthplace of liberty my ass.

Re:I see.

[cayenne8]

"Yes, if you don't secure a firearm and one of your kids uses it to blow his friend's brains out then you are liable. But the GP talked about someone breaking in -- why should you be liable in that instance? It's your fault that a someone decided to break the law and steal your property?

I wish that everyone was held to the same standards as gun owners. As a random example, we just had a guy in our town charged with reckless endangerment (a misdemeanor) for putting a bullet through his neighbors apartment while cleaning his pistol. Just property damage, thankfully nobody got hurt, yet he was criminally charged. Contrast that with automobiles. Automobiles can and do kill -- but when was the last time you saw someone receive a criminal charge for an automobile accident that resulted in property damage and no personal injury? "

Wow..what state do you live in where they would be so uptight about this? I'm guessing they have pretty strict gun laws where you live? I doubt you'd hear of what you talk about happening where I live. I mean, if you did the gun cleaning here and it fired and HIT someone, yes, I'd guess you'd get charged with something, but nothing more than an accident. But if it did like you said, likely there'd be nothing come of it at all, just everyone breathing a sigh of relief no one was hurt and knowing to be more careful next time.

Down here...they'd likely treat the accidental gunfire like the accidental car accident if no one was hurt.

Re:I see.

[anexkahn]

I don't think the crimes are necessarily comparable, but sometimes it feels like the punishments are....

Re:I see.

[Grishnakh]

I'd say no. In fact, I think the whole thing about employers having access to your law-enforcement records seems a little wrong. I can see not wanting to hire someone who's a rapist or murderer or auto thief or whatever, but it sounds like it went too far in your case.

I think these convictions need to drop off your record after a certain time, and after that, no private company should be able to find out that you were convicted of that crime. For instance, if you shoplift something when you're 20, that conviction should go away after 5 years, so you're no longer kept from any jobs because of it. If you rob someone, that should probably go away after 10 years or so.

We have the same problem here in the USA. If someone commits a crime, there isn't much incentive for him to not become a career criminal, because he'll never get a decent job with his record, no matter how much he tries to improve himself. The War of Drugs is responsible for a lot of that, with people getting criminal records for possession of a simple herb, and then not being able to get any kind of job higher than cleaning toilets. If you're going to be limited to such low-paying jobs, why not just take a job in the black market dealing drugs or whatever, and make tons of money?

Re:I see.

[Creepy]

Exactly the reason I said the only way to truly way to secure the network is at a per-machine/per person level - require a government issued encrypted password just to access the internet, and tie it to a particular person. Since passwords are per user, even if the machine is shared criminal activity can be traced back to a particular user (or their identity stealer, but nobody will lose that, right?). Also only IPv6 with unique IPs, and MAC and IP addresses are tied to a hash key with the password - if the hash doesn't match (because any one of those three changed), the criminal is arrested by TPID (Thought Police, Internet Division), found guilty by proxy, waterboarded, thumb-screwed, and kicked by a team of 6 wearing lead toed boots for 30 minutes twice daily for 16 months. Oh, and all activity is logged and sent back to the government for analysis, but that is a given, of course.

Re:I see.

[the_arrow]

At least a fork isn't an Extremely Inefficient Weapon.

Re:I see.

[tophermeyer]

Yes. I would absolutely say that.

Re:I see.

[tophermeyer]

"Owning a gun is a right, but you have an obligation to practice that right in a responsible manner."

No you don't, that's why it's called a right and not a privilege.

Its a Moral obligation, not necessarily a legal one. The same holds true for all our rights. The people that stand outside soldiers funerals claiming god is punished us for homosexuality are exercising their legal rights but failing to adhere their moral obligation to use that right responsibly.

Re:I see.

[cayenne8]

"It is usually State and local Governments that enforce seat belt laws. They tend to exist because they reduce the risk of "exploding tube of toothpaste" type of fatalities during accidents. They serve the public good in two ways. 1) They keep healthcare and insurance costs low for everybody; fatal accidents or accidents with heavy injuries are very expensive to clean and rectify"

I don't buy that argument. Rather than seatbelt laws as an example (since they have been on the books so long), lemme use an analogy with motorcycle helmets. We used to have choice here to wear helmets or not if you were over the age of 18. They argued it would save lives AND would save money on everyone's insurance if we re-instated the helmet laws.

Well, while the bitch was governor, we got the helmet law back. And I'm still asking everyone if they noticed that savings/reduced rate we all got back due to the monetary benefits of wearing a helmet?

No? Hmm....

And, from what I've read...not much a swing in motorcycle accidents/fatalities either way.

"Massachusetts (for one). To own a Long Gun you need to pass a state safety course and register the gun with local police. Handguns require an additional safety course and approval from your local police chief. Concealed carry permits require even more course time, approval from local police chief, and usually an 18-24 month waiting period (during which if you even get a speeding ticket you are denied). All guns must be stored unloaded in a locked cabinet or case, or with a trigger lock. Birthplace of liberty my ass."

I was guessing somewhere in the NE.

Sad...more and more I hear about loss of freedoms and all in the very area of the birthplace of our nation. Hell, last time I was up there, I was aghast at the strict liquor laws, and how no one could smoke within a country mile of shore it seemed like....my girlfriend at the time up there often told me I'd be in jail quickly with the pipes on my motorcycle, which are slightly loud, but not obnoxious (pretty much on par with most any bike here where I live). I used to astound people up there with the fact that I've never experienced an emissions check on my car or bike. No such thing where I've ever lived. Heck, in my last state I lived in, they completely did away with the auto inspection requirement. People figured it was nothing but an extra tax grab and got rid of it.

Re:I see.

[pikine]

Your country or state's firearm regulation law may make it illegal if you simply show a non-concealed firearm in the public. If your premise is not reasonably secured, it could be considered a public place. You may also be more directly charged with irresponsible handling of firearms. It's about the firearm, not the door. It's not about what you do with your doors. You are not even required to have a door. You may drop your firearms in a very deep well, sealed with a grill instead of a door, or surrounded by a fence. You may put your firearm in a block of solid concrete so nobody may use it ever again.

In this case, I think the ruling is reasonable. It only requires you to password protect your WiFi, but it doesn't require you to keep applying security updates. If the password protection requirement is met, it waives the subscriber's liability for the illegal content that a third-party transfers. This means if you can show your WiFi is password protected and the illegal access is done by a third-party, then you are not liable.

Back to firearm analogy, it's like saying if you keep your firearm inside four walls with a locked door, then you are not liable for criminals who steal your guns. However, if the law stops being more specific here, then it means your walls could be made with cardboard if you want. Since WEP has about the same security as cardboard, the law may want to specify at least WPA2 protection. It is reasonable to assume that if you want to secure firearms in a premise, then your walls and the door should be made of a certain kind of material that is relatively durable. If you practice due diligence, and your premise is still broken into and firearms stolen, then I think it's great that the law protects you from criminal liability.

Re:I see.

[modecx]

On a related note, check out this guy.

Re:I see.

[Shakrai]

I see what you are saying. At the present, I choose to fight them, because I love my home state and don't yet have the desire to leave. If I do wind up leaving it will probably be driven more by the excessive level of taxation than by the gun laws.

NY has had it's restrictive handgun laws since 1911. It's called the Sullivan Act. It was passed at the behest of a State Senator with ties to organized crime and was written in such a way as to give the police near total discretion on whether or not someone got a pistol license. This discretion was then used to keep immigrants and other "undesirables" from legally owning handguns.

Re:I see.

[Smauler]

I'm sure it is... however, leaving my wifi open is much more convenient for me alone anyway. It's a PITA getting everything to connect using WPA, especially when some devices don't support it. Leaving it open is better for me, if others use it so be it.

Re:I see.

[pikine]

The good news is that, the new court ruling says the very minimum you have to do is to secure your WiFi with a password. And if you do that, you will not be liable for the illegal access made by a third-party, so you don't have to call the telco to suspend the DSL connection before you go on vacation.

Re:I see.

[maxwell+demon]

Well, you have to decide: Do you want to be treated as private person, or as provider? You cannot say "I'm provider where the private person rules are worse for me, but private person where the provider rules are worse for me."

Re:I see.

[Shakrai]

I live in the People's Republic of New York, so there you go. Not a very gun friendly state at all.

Even without criminal charges, he will certainly lose his pistol license, which in this state means he can't legally possess a handgun at all. Note that I didn't say "own", or even "carry", I said "possess". In New York State it's a crime to so much as touch a handgun if you aren't licensed. I can't legally show my live-in girlfriend how to clear my handguns, nor can I take her to the pistol range and let her shoot them. If she touches one of them and it's unloaded she has committed a misdemeanor. If it's loaded she has committed a felony. How asinine is that?

Re:I see.

It works that way if you leave your car unlocked.

Re:I see.

[natehoy]

OK, I see that argument. I even agree with it. But then where does that leave liability for people who actually do wrong?

Obviously this discussion has to set aside the Terms of Service of most ISPs that prohibit you from sharing your connection anyway, but that's a contractual matter and not a legal one.

If you allow anyone to use your WiFi, and someone uses it for something bad, the only name on record as controlling the connection is you. How are the authorities going to find the person who actually did it?

It does add a whole new problem of people being punished for their generosity, and that sucks, but these are some of the things we need to work out. And they aren't strictly analogous to anything we do today, so analogies to the existing law fall apart really fast.

Re:I see.

There are several things wrong with your analogy. First: jailtime? Really? It was a $160 fine. Secondly, it is not as if 'some creep gets charged with speeding'. It is more like a speed camera caught your car speeding, but they don't know who was driving. In that case, the owner of the car WILL be expected to say who was driving, or he WILL be fined himself. Furthermore, if that car is involved in an accident or crime, the owner WILL be liable for negligence for failing to protect the car from unauthorized use. In other words, don't use an analogy that demonstrates well-established law if your intent is to claim new ground is being broken.

Re:I see.

[natehoy]

More than you can afford. I know my fairy tales, and "The Goose That Lays The Golden Eggs" shall remain unharmed. :)

Re:I see.

[tophermeyer]

People figured it was nothing but an extra tax grab and got rid of it.

Not going to lie, I chuckled a little when I read this. Locals refer to MA as "Tax-achusetts" because of things like that.

Re:I see.

[HeronBlademaster]

I don't see why I'd ever want to be treated as a provider.

Re:I see.

[squiggleslash]

Again, I think you're missing the point. Every security system can be circumvented. That's not misleading, a judge doesn't give a rats ass whether the system needs to be circumvented by the world's greatest computer hacker getting a blow-job from Halle Berry while John Travolta holds a gun to his head, from a room above a bar in a country 5,000 miles away, or whether it's done via the simple act of throwing a brick through the window and accessing the hardware directly.

You think that matters, because you're a computer geek, and so you see things through a geek's perspective. Judges don't.

What the law generally wants to see is that you didn't let someone in, you didn't leave it open, you took steps to make it clear to anyone trying to get access that they'd need to hack in when they do.

You switched off the SSID broadcast. You locked the door of your house. By doing both, you made a pro-active attempt to secure your network. Do those, and no judge in their right mind is going to say you were facilitating.

Re:I see.

[Mr.+DOS]

...for good and evil...

Pretty sure the majority of both sides are just fighting for profit.

Re:I see.

[natehoy]

First, I was making a more broad statement than this specific one. The chances you will have to deal the results of some stranger doing something evil with your connection are inversely proportional to the amount of effort you put into securing it from strangers.

Note I didn't say "chance of prosecution", only "chance of being caught having someone you don't know doing evil with your connection". The actual consequences may vary from "we couldn't prove it was you, so you're free" to "we couldn't prove it was you, but we'll only take ignorance as a defense once - secure your WiFi now" to the German "we won't hold you liable for the actions, only for providing the tools - secure your WiFi or face another fine" to "we'll let you off if you help us identify the real perp" to "you are utterly responsible for anything done on your connection."

I'm not trying to judge the merits of any of the above statutes, only state that you have to worry about them less if you put more effort into prevention. The harder you make your network to crack, the harder it will be for someone to crack it, and the less likely it is that someone can use your network for evil.

If you have a WPA2/AES network encrypted with a RADIUS rotating key and implement a secondary proprietary level of encryption, filter MAC addresses and encrypt their exchange, and set up an automated rail gun that points to any other device outside of your control and shoots it, then you probably won't ever have to deal with someone doing something bad on your network. ;)

Let's not forget the important side effect - if you leave your access point completely open (even with SSID turned off, and even to a lesser extent with an inferior encryption like WAP) any passerby can capture and interpret any unencrypted data you send over that wireless LAN.

Your bank passwords are safe, those should be using SSL. But if you print your taxes on your wireless printer, surf regular web sites, or check your webmail, or even check your regular email, that information is transmitted to any receiver in range. And if it's unencrypted, anyone can intercept it and keep a copy.

Do you share folders from computer to computer? Open WLAN means that anyone can search for and find them, and take any contents they want.

So there are far more important reasons to secure your LAN than the possibility of liability from some third party's actions. Those third parties could screw with you directly.

Re:I see.

Are you going to leave a sign in your window and outside your door that says it's unlocked, and that anyone COULD enter, but should not? That's the analog, real-world equivalent of an open access point.

Re:I see.

That's crappy. Either you stop the person or you don't. I do not see why effort here is even considered.

I either have the responsibility to stop people from using my wifi or I do not.

People harp about effort, but I'm sorry, the end result counts a ton more than effort.

Re:I see.

[maxwell+demon]

Well, this partial thread was about using a "provider excuse" (leaving the WiFi open as public service) to get around rules for individuals.

Re:I see.

[buchner.johannes]

Turn on encryption and change the default password and you're fine.

WLAN routers haven't come without encryption for a long time now. These days the default password (e.g. when you buy them with your internet connection) is some random string specific to this device.

I think one issue that might have contributed to the sentence was that the WLAN router came with encryption, and the user actively disabled it.

Re:I see.

[HeronBlademaster]

Leaving a wireless access point open with the intent to share it doesn't mean you're a provider, it means you're sharing your service.

If I wire a telephone outside my house and post a sign that says "feel free to make personal calls", I'm not suddenly a telephone service provider; I'm just sharing the service I'm paying for.

And, what rules for individuals would you be trying to get around?

Re:I see.

Ever wonder if legal jargon is really just magic spells being spoken aloud? Lawyers and judges could actually be modern-day warlocks and witches locked in an eternal battle for evil and evil on the battlefield of the court!

FTFY. The enemy of my enemy is my enemy's enemy, nothing more, or something like that.

Re:I see.

* [Citation Required]

Oh, wait, you heard it from some guy.. well then it must be true, because we all know Canada hates gun owners.

Re:I see.

[Lord+Ender]

That sounds like the kind of bullshit story a firearms instructor would repeat (after layers and layers of embellishment) in order to get you to take his course seriously.

Re:I see.

[ciggieposeur]

Obviously this discussion has to set aside the Terms of Service of most ISPs that prohibit you from sharing your connection anyway, but that's a contractual matter and not a legal one.

How does one define "sharing"? Does a wifi access point HAVE to have a password on it to say it isn't shared?

My neighborhood has lots of space between houses. My access point is a minimal DSL+wireless router, maybe four houses can get the signal, and I've never seen anyone else on the router's wireless client list as all of my neighbors have their own connections. For a stranger to get on, they would need to drive down my low-traffic residential road and park for a while. We never see that.

I think it's reasonable to say in my circumstances that I have no intent to share my wifi, even though I've got no password on it. I've had lots of trouble in the past with WEP/WPA(2) (old Linux machines with creaky wireless cards) so it's much more convenient just leaving it as is.

Re:I see.

[darthdavid]

No it's just a hellish mix of excess verbiage, inane detail and Latin (often bastardized to various degrees). Add in the fact that a lot of things fall on precedent rather than explicit law and you get a crap-ton of cases to memorize for any given field in any given country...

Re:I see.

[bws111]

Like it or not, your internet address is assigned and traceable to you. So when you give anonymous people access to your network, and one of them uses it to share copyrighted material, or make terror threats, or download child porn, it is YOU they are coming for first. And don't think that a simple 'I have an open wifi' is going to get them to go away. Once they have your IP address they have probable cause to search your house and computers and generally make your life hell. And if you DO have an open wifi, they now ask, "is the guy just clueless, or is he actively trying to obstruct justice". Any reasonable person would call someone who willfully does that 'irresponsible'.

Re:I see.

[asamad]

Lets start charging shop owners as well, they leave their stuff out for people to shoplilft and are thus allowing people to copy stuff for free...

This is rather absurd

Re:I see.

This is about legal liability, not about what you should do for you own piece of mind.

Re:I see.

[ciggieposeur]

It's safe to say he didn't. If he had configured his router to not broadcast the SSID, then he would, legally (in most jurisdictions, I assume Germany is no different), have taken proactive steps to secure his network (even if they were token efforts) and we wouldn't have a story.

This logic (opt-in security) makes me very nervous for two reasons:

1. For many years ISPs shipped and electronics stores sold access points that were open by default. A clueless customer sees the access point as an appliance: plug it in and it works. This logic says they gain liability as soon as it works, and then have to take extra steps to avoid that liability - steps that might in all honesty be beyond their skill level. I don't know any other non-regulated (i.e. not firearms) consumer good like that.

2. Back in the late 80's / early 90's computer professionals who were convicted of hacking got far worse sentences than clueless newbs, on the theory that they should be punished as one would a doctor or engineer who used their skill to harm society. I could see this logic extending that concept - that knowing more about the technology increases the liability - to regular consumers. A person who sets a BAD password, or hides the SSID while leaving no password, or subtly botches it in any other way might find themselves in deep water if their connection ends up being misused. They obviously know enough to secure their access point, so why shouldn't police believe them guilty of the crime that led to the access point?

Re:I see.

[shadowbearer]

  Anything that a human can think up, another human can reverse engineer. This will always be true.

  There's always someone, or some group, smarter, or with more time or better tools. After all, it's likely they are building on your knowledge, or the knowledge you built your work on.

  Dammit, that ought to be one of the basic laws of technology, right alongside Murphy's Laws. Maybe if it was as popular more people would understand it...

SB

Re:I see.

[treeves]

Yeah, right.
I always thought the argument for seatbelt laws is that if you get hurt or killed it costs society financially, so we can't let you let that happen.
Of course, the next logical step would be total bans on smoking, and on high-calorie, fatty food and sugary drinks. The whole thing is not logical though, so, OK.

Re:I see.

No, it's a typical argument for someone who doesn't believe the absurdity could actually happen, even when it practice, it will. Although, your point is valid. They're evil warlocks.

Re:I see.

I think your wifi access configuration is broken if it switches networks merely based on strength of signal.

Mine requires active input, and confirmation, especially when it's an unsecured network.

That's the way I like it.

Re:I see.

[GameMaster]

I would, also, say that.

Re:I see.

[WNight]

The law may or may not protect you, so why not just protect yourself and end the debate?

Because that defeats the open wifi mesh. Locking everything down just to make other people easier to sue seems like a horrible idea.

Re:I see.

[GameMaster]

Rights have obligations along with them all the time. One, overused, example would be the fact that you're not allowed to yell "FIRE" in a crowded theater. Another would be that people given classified military clearance aren't allow to express their first amendment rights by telling the secrets they know to our enemies. Personally, I don't think there should be too many of them, but long standing legal precedent says they exist. Everyone knows that guns can be dangerous if missuses and we all know that there's a chance that someone will rob our house or that a child might get access to the gun. It is, highly, reckless to not have a firearm properly secured. Is it a crime (or civilly actionable)? I don't know (as I said, IANAL) but I would be very surprised if you couldn't, at least, be found partially liable for damage done with a gun you own and didn't properly secure.

Re:I see.

[WNight]

I do not mind if others use my wifi

Thanks. Nice to see other people share basic net access.

Re:I see.

[GameMaster]

My previous post aside, I too agree that the court decision is BS. There is a world of difference between a gun and Wi-fi access.

Re:I see.

Thank you good sir. You have inspired my next campaign.

Re:I see.

[Itninja]

Well, I'm not really sure what you mean by 'down here'. But based on your use of 'like that' twice in the same sentence I will guess Southern US..Alabama maybe? Just do a search and find that it can and does happen in the Southern US.

Re:I see.

[zuperduperman]

> This is exactly like making it illegal to leave your door unlocked

No, because the contents of your house do not (normally) protrude out onto the street and area surrounding your property. It's more like you left your CD burner out on the path outside your house and then someone came by with some CDs and made illegal copies using *your* equipment. I don't know if it mattered in this legal case specifically, but I think it's an important distinction if you are projecting your open access wifi signal *into public space*. If you, on the other hand, confine it within your house and someone has to enter your private property to access it, that would be different.

Re:I see.

[BlueStrat]

"you can't use a car to shoot a politician or other government official or functionary that's come to seize your property and your freedom..."

You don't shoot people with cars, that's silly, though if done it would be awesomely silly. You run them down, back up, and repeat a few times.

What's the most awesome way to kill a politician if you're a geeky mechanical engineer?

Car-tapult! :D

Strat

Re:I see.

[commodore64_love]

>>>Allowing the world anonymous access to your network is beyond irresponsible.

Why? We allow people to have anonymous access to the Networks of macadam (walking, biking, horses and carriages). The world has not collapsed as a result, and the owner of these macadamized networks is not held responsible if someone uses that network to speed. Or steal. Or whatever.

Re:I see.

[xaxa]

I lived in Leytonstone for two weeks while I was finding a job in London -- it was the cheapest place I could find. There was more crime than I've ever seen before -- the day I moved out I called 999 after someone kicked open the door of the house opposite. On the nearest bus stop was "crack dealer 07xxx xxxxx" in marker pen. Would you seriously leave a bike unlocked around there?

I also now live somewhere nicer.

Last summer I left my £500 bike locked to a bike stand on the Strand for less than four hours, locked with a £40 "Sold Secure Silver" lock. It was stolen. The ridiculous disorganisation of the insurance company meant it took them one week to approve my claim, and five months to actually send me the money (writing to their CEO achieved nothing, they sent me the money after I wrote to Lloyds). After that, £100 to reduce the chance of another theft seemed worthwhile -- I cycle to work every day, so I save £60/month by not needing a travelcard. (The police officer who took my crime report also advised me on which locks seemed to be better; he reckoned the one I'd had was the worst of the insurance-company-approved ones.)

I don't have contents insurance. I don't have that much stuff. If cheap fire insurance was available I'd get it, but I don't think there's much risk of theft.

Re:I see.

[scruffy]

A brick is overdoing it. On most houses, like mine, there is a phone outlet on the outside of the house. It lets technicians test the outside phone lines without anyone having to be home. So if I don't secure my outside plug, do I get fined?

Re:I see.

[lpq]

In germany -- probably -- but you might be in for worse. Is gun ownership a given in germany?

Re:I see.

[ivan_w]

You switched off the SSID broadcast. You locked the door of your house. By doing both, you made a pro-active attempt to secure your network. Do those, and no judge in their right mind is going to say you were facilitating.

Well - at least we seem to agree on that ;) (I was just saying it differently).

The only difference, is that - imho, once the judge agrees that you weren't facilitating, then the "security device" performed its function - at which point - whether the villain went around it or through it is moot.

And I hear you.. Yes, there is sometimes a way "around" (but not necessarily "through"). But that's independent of the "security device" - it's dependent on the "security system".

What I am saying here is that the statement "all security devices can be circumvented" is a tautology, and not necessarily a bad one though - it serves as a reminder that a security device within a poorly designed security system is useless - or rather - a security system is only as good as the weakest device that comprise the system.

Re:I see.

[blackest_k]

lets be honest here plausible deny-ability is one reason for keeping wifi open, it sucks that this guy seems to be breaking a law by allowing access too easily.

As bad analogy's go its like someone stealing tools from your back yard which are then used to break into other houses and you getting prosecuted for the burglaries. With DNA being the magic science quite possible your DNA could be at the crime scene since your tools were used perhaps you might be prosecuted.

Anyway even with the issues you mention with encryption, whats stopping you from white listing your device mac addresses it is probably enough to stop 99% of unauthorized use.

I used to use 2 routers one filtered the other not and the open wifi was throttled back to around 10% of my connection speed. A nice compromise of openness but without allowing my connection to get hammered.

It is a bad law alright but acta will probably worse and we all know eventually every action you take on the internet will be monitored and recorded and stored for at least your lifetime.

Re:I see.

[cayenne8]

So far, I've not heard of anyone in the US with an open wifi being held legally responsible for being irresponsible?

Re:I see.

[sornord]

German extension phones also cannot be used to pick up and listen to or join another phone conversation happening in your house, unlike US extension phones. This law was put into place decades ago in a reaction to the Nazi days. Seems to me the requirement to secure your wireless connections may be related legally.

Re:I see.

[flex941]

It's more like someone walked into my private garden (which has big "Everybody Welcome to Enjoy Nature Here" sign at the gate) and murdered somebody there.
Now, I get punished for making such a space available to fellow citizens? Go figure.

Re:I see.

[ekhben]

I have shark-repellent bat spray.

Re:I see.

[Alex+Belits]

Note the fact that it's illegal in Germany to have an unsecured wireless network

Which German law prohibits that?

Re:I see.

[Tom]

Yes, I didn't mean there are specific laws about this. You don't need specific laws if there are general laws about things like endangerment.

Re:I see.

The number of AP's and Wireless routers I have setup over the years that have reverted to a default, unsecured state for no apparent reason is frightening... (and they usually manage to retain the WAN connection details so happily share the net connection) that includes a few corporate grade APs. How would one protect against that? I guess given the recent ruling in the UK on software having to be fit for purpose would allow some leeway if ever this happened in the UK.

"It was secure... I guess it must have lost all its settings while I was on holiday... it's done it before"

Re:I see.

[EvilAlphonso]

how no one could smoke within a country mile of shore it seemed like....

[sort of offtopic]

That ban was probably caused by the smokers treating the place like an ashtray... cleaning up costs money, nobody wants to be taxed for said cleanup, so they ban the act that causes the need for clean up. The last city I lived in had public ashtrays on every single public trashcan, that means an ashtray every 65ft or so in the center... the ashtrays were mostly empty and the streets were covered in cigarette butts. My last three places of employment had ashtrays in all convenient places... most smokers were still throwing their butts on the floor, through the window, on the cars in the parking lot, on the lawn, well you get the idea: anywhere but in the ashtray. The end result in all three places? Smoking ban in and around the building, one windowless room turned into a smoker room.

You want to keep the liberty of smoking where you want? Behave like a grownup and get other smokers to do the same.

[/sort of offtopic]

Re:I see.

[beerbear]

Except that not all countries use case law. Germany doesn't, for instance.

Re:I see.

[jecblackpepper]

The bad news is that if a hacker guesses said password, then you will be held responsible for their copyright infringement - after all it can't have been a third party since the wifi router was "secured". That is the whole point of this type of thing, to make it easier for someone to be sued for copyright infringement.

You will no longer be innocent until proven guilty, you will be guilty until you can prove that you are innocent, i.e. you can prove that it was someone who had hacked into your wifi.

Re:I see.

[Cruciform]

You might think so, until you start talking to other gun owners.

If your firearms go missing here, it's your fault. It doesn't matter what actions you took to protect them, it obviously wasn't enough.

You'd be surprised at how many people in Canada have sizable gun collections. Nobody knows about it because it's like Fight Club. You only talk about your collection with other guys at the range and it's silence otherwise.

Get a gun stolen and you can lose your ability to own one legally.

There is no 'right to bear arms' here.

Re:I see.

[Jawnn]

I should think that the answer would be obvious. You are placing into the hands of someone you don't know, access to your network, and thereby, the Internet. It is a fundamental tenet of responsible citizenship (defined as being a member empowered to enjoy the rights and privileges common to a given community) that one conducts ones self in a manner that does not lead to consequences detrimental tot he community and it's other citizens. In other words, you are responsible for what your network does to the Internet.

Re:I see.

[PingPongBoy]

This is more akin to having a car that everybody in the neighborhood shares. Therefore it's always open. Some creep takes the car, gets charged with speeding, and the owner gets jailtime for negligence.

Sharing a car is noble indeed. Cars are expensive and if people shared cars, much personal wealth could be reallocated to other goals. With that out of the way, who would share a car, even if all the users contributed to mundane expenses like repair, fuel, and insurance? The fact that a car can be abused for the purpose of hurting someone makes me require users to sign waivers, assume liability, etc. Instead of sharing, it would be tantamount to renting. The rent mechanism is well known, and for most civilized jurisdictions it's well regulated, for the good of society, and that's just the way we like it. The owner has a duty to maintain the car and the renter is responsible for misbehavior but not for the car breaking down on the route to the mayhem.

Re:I see.

[BlueStrat]

Guns are scary, especially those evil 'semi-auto' ones.

Cars aren't guns so they aren't scary and cars totally aren't multi-ton murder machines.

The operative difference here for those passing such laws being that when the government begins the final change-over from a Democratic Republic to a Socialist regime, you can't use a car to shoot a politician or other government official or functionary that's come to seize your property and your freedom, and send you to a re-education camp because you publicly support capitalism & democracy and own more "stuff" than is considered "economically & socially just" by those in charge with their private jets and mansions.

They haven't dared to try the nationwide banning of guns, YET, but they have no problem with making owning a gun as onerous, burdensome, and legally risky to current and potential gun owners as possible.

Strat

Troll!=Disagree

C'mon mods. You know how this works, and you know that's no troll post.

Just confirmation that I'm right.

Re:I see.

[shnull]

I suppose in Germany it could, i hope the signals they got with the local elections change that shit a bit

Re:I see.

[theaceoffire]

"Lawyers and Judges could actually be modern-day warlocks and witches locked in an eternal battle for evil on the battlefield of the court!"

Fixed that for ya. ^_~

Re:I see.

[jc42]

Well, at least here in the US, when the "wi-fi" part of the spectrum was opened up, the explanation was that it was to be "open", public spectrum. They expected that developers (lots of us here on /.) would use this public spectrum to implement interesting and useful stuff, without the need to satisfy the bureaucracy (and the huge license price) that applies to other parts of the spectrum.

I'd think that a requirement that wi-fi always be encrypted would be a direct violation of the original intent in opening it up to the public. An open access point should be considered exactly how that part of the spectrum was supposed to be used.

Of course, things might be different in Germany. It's entirely possible that the wi-fi portion of the spectrum isn't legally "open" there. It's also possible that the above explanation was just PR in the US, and the wi-fi spectrum really isn't "open" here, either. Anyone know? Or is this another one of those things where all you can say is "We have to wait for the courts to decide"?

Re:I see.

[jesset77]

"exploding tube of toothpaste" ... "a pile of chunky red salsa"

You are just having way the hell too much fun describing this shit, aren't you? 8I

Re:I see.

[mysidia]

It's not simple reductio ad absurdum. It is "use of false analogy" to attempt to make a point.

Reductio ad absurdum would be like this:

Telephones in public places can be used to call people and make harassing phone calls.

Person X setup a publicly accessible telephone, payphone outside his house in plain view from the street, and placed a sign inviting people to use this phone.

At 6:00pm one evening, a local business received a prank call from this phone.

Therefore, Person X should be thrown in jail or fined based on the prank calls (for not adequately securing his payphone against prank calls being made).

Re:I see.

[doc_schmidt]

It's more like: if somebody walks through the open door on your balkony, shoots your neighbour with his gun, you are quilty, because it was your balkony.

Re:I see.

[doc_schmidt]

There's one thing more: Even if he would have secured his network perfectly - he would have to pay an admission fee of 100 EURO, if somebody presses charges against him.

Re:I see.

[rgviza]

If the criminal returns the gun, and gives the police an anonymous tip that you killed someone with it, you'd better have a good alibi or you'll get charged with the murder, especially if you shoot it regularly and have burnt powder traces on your skin. It may break down in court, but once the ballistics match was made, I'd think you did it if I was investigating the crime. I'm not a police officer or lawyer, but it would be easy to make that inference.

Your gun, ballistics match, powder traces, no alibi? It would look pretty bad on the surface.

It's much easier to lock your door than deal with something like that and pay a lawyer to get you off the hook. That's just the criminal case... You'd have to deal with a civil case too.

Ludicrous

[Em+Emalb]

See subject.

You can't force someone to have security. Would they have fined him if he'd left his door unlocked to his house?

Re:Ludicrous

You can't force someone to have security. Would they have fined him if he'd left his door unlocked to his house?

Ya! If they try to force people to act responsibly and protect their network & PC's so the rest of us don't get bombarded by their zombie-botnet PC's it's just going to result in people calling the government "WiFi Nazis"! Who wants to be responsible for their own computers and networks, anyway?

Re:Ludicrous

Yes, this actually happens. Same for not locking your car, which carries a fine of 90 euro's.

Re:Ludicrous

[nacturation]

Or if he left his gun rack unlocked. Or if he didn't have his seatbelt fastened. Or if he failed to wear a helmet while operating a motorcycle. Or...

Re:Ludicrous

Would they have fined him if he'd used WEP? How about using default admin passwords?
This "punishment for leaving your computer unsecured" could be taken even further.
What about fining the clueless for using IE? Or unpatched Windows?
Clicking on shady e-mails?

Re:Ludicrous

Yes, this actually happens. Same for not locking your car, which carries a fine of 90 euro's.

FINALLY, someone posts a car analogy! I was getting worried for a little while there.

Re:Ludicrous

[nschubach]

Wait... there's actually a law that says you have to lock your car?

Re:Ludicrous

[nschubach]

... if he practiced freedom of choice? Seriously, there's only so much I can take. If someone wants to be an idiot and weld a metal spike in their steering wheel, let natural selection run it's course.

Re:Ludicrous

[delinear]

Is there even a law that states that you must secure your WiFi? Because it sure as hell doesn't warn you of the danger of litigation for failure to secure on the equipment itself. In fact, surely Netgear are at risk of being sued now for providing the option to commit an illegal act by even allowing open WiFi on their device. And all those bars and coffee shops where they basically hand out the WiFi key to all and sundry for the cost of a drink - they've got as good as zero security, are they all liable to fines, too? I'm usually the first to say don't judge the... erm judge... too harshly because they're only following the law, but even to me this seems like a pretty clear cut case of some idiot desperately trying to find a way to twist the rules in favour of the **AA and coming up with a ridiculous solution.

Re:Ludicrous

[Ares]

A cousin of mine served in the US Army and was stationed in Germany. He once received a citation because his car was unlocked. Yes, in Germany, there is a law stating you must lock your car, though I don't know if it applies while the care is secured in a garage.

Re:Ludicrous

[tangelogee]

But most (smart) places like that, whereas they may have open and free wireless, also have a login/registration page which tells you that you shouldn't so bad things, and if you do, it's your problem.

Re:Ludicrous

[Kilrah_il]

Well, if you'd RTFA, then you'd know the answer is 'no'. From the article: "The court also limited its decision, ruling that users could not be expected to constantly update their wireless connection's security — they are only required to protect their Internet access by setting up a password when they first install it." So the judge only wants they user to take minimal action and set up a password, they are not expected to do regular security maintenance and keep up with the latest encryption protocol. That is not to say I agree with the decision, just clarifying the point.

Re:Ludicrous

I agree that people should act responsibly, but to legislate it on behalf of defending copyright from download by unknown people is outrageous. The essence of the statement is that if anyone piggybacks onto your connection because you didn't secure your connection "enough" (good luck defining that with lawyers around), then you can be fined, and in this judge's opinion, should be fined.

WEP can be hacked in under 30 seconds. WPA is not far behind. A lot of routers don't even support WPA2. I bet that the judge has no idea what any of those mean, but he's happy to hand over money for the sake of some lawyers defending some person's copyright. Since when did copyright trump everything else? I am disgusted with the way that the world is moving.

Re:Ludicrous

I agree that people should act responsibly, but to legislate it on behalf of defending copyright from download by unknown people is outrageous. The essence of the statement is that if anyone piggybacks onto your connection because you didn't secure your connection "enough" (good luck defining that with lawyers around), then you can be fined, and in this judge's opinion, should be fined.

They are simply removing one of the more popular excuses that people use when they are caught illegally downloading movies, music, games, etc. Being able to claim "plausible deniability" as a defense when you're committing piracy just because you purposely leave your WiFi unsecured has just been taken off the table. Piracy is stealing and they don't like that this makes them accountable for their actions.

Re:Ludicrous

[heeen]

Just makes sense, why would you require people to have drivers licenses for everyones safety, but then let cars stand around unlocked for anyone to fuck up with.

Re:Ludicrous

[nschubach]

I'm not sure I agree with that position.

You most likely take your keys with you, so locking the vehicle doesn't prevent someone from driving into a crowd of people with your car. They still have to bypass the starting mechanism in the car, which is pretty much always protected by key... physical or electronic.

How many layers of protection is enough?

That's like saying that anyone that walks into your house through an unlocked door, proceeds to the crack the locked safe you have and pulls out the gun to use is your fault. You took the effort to put the gun in a safe and lock it, but since your front door was unlocked you may have well given them your gun? No, I don't agree.

The only thing this could possibly be is protection of personal items in the car... and making it illegal to "not protect" your own items walks a thin gray line.

Re:Ludicrous

[shadowbearer]

  That sounds like something that insurance companies lobbied for.

SB

Re:Ludicrous

[nacturation]

let natural selection run it's course.

"run it is course" indeed!

Re:Ludicrous

[nschubach]

Because we all know one grammar mistake will cause instantaneous death. It's a mistake, get over it.

Re:Ludicrous

[nacturation]

Because we all know one grammar mistake will cause instantaneous death. It's a mistake, get over it.

I thought it was special given your sentence was about being an idiot.

Re:Ludicrous

[nschubach]

One mistake does not an idiot make.

Considering that possessive "it" has a page dedicated itself and it listed as a common mistake I don't feel the slightest guilt to making that mistake.

Re:Ludicrous

[nacturation]

One mistake does not an idiot make.

True, and the guy in the photo holding the sign "Get a brain, morans" is widely acknowledged as making one mistake. Nobody thinks less of him for it.

I don't feel the slightest guilt to making that mistake.

I'm glad to hear you're at peace with yourself, though I never expected my silly comment to spin into its own thread.

Wow

Up next, people paying fines for having their identities stolen. I

Re:Wow

[V!NCENT]

Welcome to my world. My passport was stolen. I was "lucky this time", according to the officer, because they could have charged me with false identity terrorism aiding or somthing. I live in a democratic, western country and not in America and this almost happened to me. 'luckily the police officer was being nice'... jeez...

Re:Wow

I live in a democratic, western country and not in America

I loved the choice of words.

Re:Wow

More info plz. If you like, send the info to a news site (I'd recommend www.theregister.co.uk, just because I read them) and they can make the police in question squirm with some pointed questions.

Re:Wow

[MediaCastleX]

Its such an epidemic, you really have to be *that* much more on top of your life. In a really small, but related case, I had lost my college ID more than a few times and security made me pay a fine for it. There are several reasons why, none of which I know for sure, but they got it just as bad as regular civilians in these matters...hard to protect lives when so many have such blatant disregard for it.

Re:Wow

That kind of mindless belief in European superiority was the downfall of Europe at the beginning of the 20th century as well. Even Germans believed back then that their democracy was superior to America's, right until Hitler flattened Europe and murdered millions of Jews, with the help of many other European nations.

And if you look at European nations today, they have many of the same problems with democracy they had back then. People like you are just too narrow-minded and arrogant to see it.

Re:Wow

[tophermeyer]

I live in a democratic, western country and not in America

I don't understand. My teachers told me that America was a bastion of Democratic decency surrounded by a sea of liberal socialist savages. I had no idea they had police in the wastelands...

Re:Wow

[V!NCENT]

It's not the UK... I live in the Netherlands. It is common practise, sadly...

Re:Wow

[V!NCENT]

Are you implying that I do not dissaprove the current situation in which my country is in today?

Re:Wow

Paying a fine for losing something that costs them trouble to replace is different from being charged with a crime. Apparently they didn't fine you enough, didn't encourage you to be more careful (or to stop going on the all night drug binges that led to you losing the ID).

SS

slippery slope. (sufficient encryption, content filtering, access controls.)

Bad Precedent

[Pewpdaddy]

Not looking good if this carry's precedent. Pretty ridiculous IMO. Much like my own personal battle with building codes in my home town.

Re:Bad Precedent

You can't just give someone an anonymous internet connection and allow them to commit crimes, and thats what an open network access point is. Just because you're too stupid to realise this doesn't mean the courts are.

Re:Bad Precedent

[corbettw]

Germany is a civil law system, not a common law. Precedent doesn't work the same way over there.

Re:Bad Precedent

[Pewpdaddy]

It's bad form to have to be punished for not protecting others from themselves... What happend to survival of the fittest? The american way "it's someone else's fault". Sign of the times I guess, does this same law carry over to silenty infected computers? When does it become the offenders fault? My wifi is locked no SSID broadcast, what if someone cracks it, really hard for 802.11g right? My cell phone gets stolen and is used in a bank heist(for google maps or something)... Much like my cell phone the ISP has protection on their end. Is that next?

Re:Bad Precedent

[Hizonner]

I can anonymously give or sell people all kinds of things that they could use to commit crimes, and that is a good thing.

Internet access isn't particularly dangerous. Most of the uses of it aren't illegal at all. The actual, direct harm you can cause with it is usually a lot less than the harm you can cause with, say, a hammer. You can buy a hammer with no questions asked down at the hardware store. As long as I have no special reason to believe that that specific person intends to use it illegally, I can also give a hammer to a random person in the street. Same thing for thousands of other objects and services... in fact, for almost all objects and services.

I do, and will continue to, run an open WiFi access point. I really don't give a flying fuck about your issues with that. You're just gonna have to deal. Not everybody wants to live in your world.

Qdequately secured or just secured?

[Adustust]

"'Private users are obligated to check whether their wireless connection is adequately secured to the danger of unauthorized third parties abusing it to commit copyright violation,' the court said." What exactly do they mean by adequately secured? Can they fine us for using WEP or WPA instead of the latest and greatest?

Re:Qdequately secured or just secured?

[WrongSizeGlass]

What exactly do they mean by adequately secured?

Your wireless router or access point must be secured by a either bicycle lock, a knotted jumble of bungie cords, an aggressive dog or cat, or a large glob of superglue.

Re:Qdequately secured or just secured?

[zill]

Please excuse my ignorance, but isn't WEP/WPA/WPA2 all vulnerable currently? Sure, cracking WPA invovle a lot of bruteforcing, but anyone remotely afflictively with a university or college can easily get that kind of computing power.

If I'm not mistaken only a RADIUS server can truly secure your wifi network currently. I'm ashamed to admit that I don't have enough geek credit left to get one of those.

Re:Qdequately secured or just secured?

[LynnwoodRooster]

What? Duct tape isn't acceptable?

Re:Qdequately secured or just secured?

What exactly do they mean by adequately secured?

Any effort to secure it would have been sufficient to avoid being fined.

Re:Qdequately secured or just secured?

[BitZtream]

Here, it just means you made some attempt to secure it.

Leaving it open is basically an invitation to use it.

Simply putting a password of any kind on it means the unauthorized person had to do something to get onto your network and that it wasn't joined automatically.

The password can be anything, it just requires that the person 'stealing' your access had to actively do something or run something to get on your network.

I.E. if windows/osx/linux won't join it automatically because its open then you're safe. If its open and anyone can autojoin, then you're responsible for what happens on it.

Your laws are probably different. It was done here so minors couldn't sneak around and use others wifi for porn browsing essentially.

Re:Qdequately secured or just secured?

Yours isn't encased in cable spaghetti???

Re:Qdequately secured or just secured?

[snowgirl]

What? Duct tape isn't acceptable?

Only in Minnesota, via the Media Access Control Governed by Yearly Visioning in Elastic Restraints Act.

Re:Qdequately secured or just secured?

[Xyrus]

I always put mine in a bag of numerous, random-length, cat5 cables. Due to various laws governing the universe and IT cabling, after a mere day in that bag separating out ANYTHING out again is nigh impossible.

Excuse me while I attempt this...

[MachDelta]

In soviet Germany, WiFi unsecures you!

Or your wallet, anyways.

Reading comprehension fail

[nacturation]

The court said that he wasn't found guilty for copyright infringement, which would be analogous in your example to being found guilty for aiding a criminal. You would be charged with failing to secure your residence, much in the same way that he was charged with failing to secure his wifi.

Re:Reading comprehension fail

[Shakrai]

You would be charged with failing to secure your residence

In what country is it a crime to leave your front door unlocked? It certainly isn't in the United States.

Re:Reading comprehension fail

What about failing to adequately secure a network? I've been getting into cracking into WEP and WPA secured networks lately, and it's a pretty trivial process. With packet insertion I've yet to run into a network I can't crack within 20 minutes. WPA2: not so much. It didn't take much for me to learn how to do this, about 30 minutes of Googling and a $40 USB wireless dongle.

So, while my actions might be illegal, I'm the one committing the crime. Should the owners of the WEP and WPA "secured" networks be held responsible for not securing their networks? The equipment needed is basically the same as connecting to an open Wifi network. The knowledge needed is takes only 30 minutes to learn. The software is free. The intent is the same.

Where do you draw the line?

Re:Reading comprehension fail

[DrgnDancer]

It's a crime in a number of jurisdictions to fail to secure dangerous materials (firearms, poisons, etc). It's quite likely a violation of civil law in a number of jurisdictions to fail to secure even non-obvious dangers like swimming pools. People have been successfully sued because a kid drowned in their pool.

Re:Reading comprehension fail

[bws111]

It may not be a crime to fail to secure your property, but you are responsible for what happens on your property if it is not secured. One area where this frequently comes into play is with absentee landlords who don't protect their properties and they become, for example, crackhouses. The owner of the property can and will be charged with various offenses such as having a nuisance property.

Re:Reading comprehension fail

[nacturation]

You would be charged with failing to secure your residence

In what country is it a crime to leave your front door unlocked? It certainly isn't in the United States.

I knew I should have clarified and said "if such a law existed" as it would be the most analogous to the situation. You're right though... I'm not aware of such a law either.

Bad Passwords?

From Article:
"...if a third party takes advantage of their unprotected WLAN connection..."

So, what would happen if you just had a lousy password? (say the same as your ssid, or something like that).
Could you say it is "protected" in the sense that the person had to do something to use it, and not just use it?
I know they also say that it needs to be "adequately secured," but who defines "adequately?"

Re:Bad Passwords?

[chaodyn]

From the same Article: "The court also limited its decision, ruling that users could not be expected to constantly update their wireless connection's security — they are only required to protect their Internet access by setting up a password when they first install it."

Re:Bad Passwords?

[delinear]

What if they do the same as the coffee shops and libraries - set up a password and then just hand it out to everyone? (and why do they think it's okay that private individuals aren't allowed to share a service they pay for!)

Re:Bad Passwords?

[zill]

If you set up a password and then hand it out to everyone you're basically inviting people to use your wifi. By doing that you're implicitly bearing the consequences of all your users' copyright violations.

Re:Bad Passwords?

[Aradiel]

Perhaps, if it isn't the case already, they will demand that anyone willing to share the service buys a license.

Re:Bad Passwords?

[TheNumberless]

What if they do the same as the coffee shops and libraries - set up a password and then just hand it out to everyone?

Most coffee shops and libraries where I've used Wi-Fi have traffic routed through a proxy. It's the smart way to do it. My guess (hope) would be that that is an additional, accepted form of security.

(and why do they think it's okay that private individuals aren't allowed to share a service they pay for!)

Optimistically, because the German lawmakers involved believe the public good of fining people who don't secure their wireless networks (fewer innocent people for copyright holders to go after) exceeds the harm to the individual caused by disallowing it (the nanny state prevents you from doing something really stupid anyway).

Disagreement with this is entirely reasonable. If you are a German citizen and you don't approve, try to gain popular support to overturn the law, and use the power of your vote to oust the politicians who supported it. If you are not a German citizen, perhaps don't move there?

Two sides to a coin

[Anarki2004]

This could be great for promoting better security among citizens, but what happens when they use a weak password? Or what if I have the processing power and time to get their encryption key? Is the individual still responsible for all data transferred over his network?

Let me get this straight

Say I have some land behind a drive in movie theater. Some one sets up a camera on this land and films movies and posts them on the internet. Is it my fault for not fencing or posting guards to prevent this? I'm pro copyright but this is nuts.

Re:Let me get this straight

[wood_dude]

No, because your behind the screen it would come out left/right flipped. So I doubt they would care if you put that on the net. :)

So if I understand this correctly...

[toooskies]

He was fined 100 euro because a single user downloaded a single song illegally. One song. A hundred twenty-five times its retail value. And he didn't even download it. Copyright is out of control.

Re:So if I understand this correctly...

[seanvaandering]

One song. A hundred twenty-five times its retail value.

You telling me Britney Spears isn't worth at least that?

Re:So if I understand this correctly...

That seems reasonable. It would seem to me that the fine must be greater than (the cost)/(the probability of getting sued). If it isn't, it makes more sense to always steal it.

Imagine if the only penalty for shoplifting was nothing but having to pay for the item.

Re:So if I understand this correctly...

[Sockatume]

No, the media industry's out of control. Maniacal copyright infringement suits are their current approach to profit maximisation, but saying that copyright law is the problem makes it seem like the media industry is innocently obeying an unjust law. They're not. If we fix copyright tort, they'll do something else. Maybe demonise indie music as some sex-and-drugs scene to discourage parents from letting their kids buy off-label music, or convince the press that homebrew games destroy the mainstream games industry. They've taken an unscrupulous approach to maximizing their ROI, and so fixing the laws they exploit is not enough. We've got to stop supporting them.

Re:So if I understand this correctly...

One song. A hundred twenty-five times its retail value.

You telling me Britney Spears isn't worth at least that?

I don't follow. Do you mean that you know a cheap hit(wo)man?

Re:So if I understand this correctly...

He was fined 100 euro because a single user downloaded a single song illegally.

One song.

A hundred twenty-five times its retail value.

And he didn't even download it.

Copyright is out of control.

No, he was not fined. He was sued. In civil court.
In civil court in Germany, the losing side has to pay the winning side's lawyers, according to standard fees.

Those 100 Euros are not a fine. They are a lawyer fee for small scale, non-commercial infringement.

Re:So if I understand this correctly...

[KlomDark]

Amen! Where's my mod points when I need them?

Re:So if I understand this correctly...

As always, this isn't about downloading, but uploading. Uploading is a more serious offense and people seem to forget that with most P2P protocols you're doing both at the same time.

The ruling came after a musician, who the court did not identify, sued an Internet user whose wireless connection was used to illegally download a song which was subsequently offered on an online file sharing network.

Re:So if I understand this correctly...

[furanku]

No, now it all gets mixed up. The 100 Euro are the maximum charge for the warning letter. We have a new law in Germany that limits these charges to 100 Euro in minor cases. He has not been convicted to pay any compensation, because he was just the one who's WLAN was used ("Störer" in German law), not the one who commited the copyright infringement. And the decision clearly states that "Störer" do not have to pay any compensation.

Re:So if I understand this correctly...

[mdielmann]

If you're selling dog chains, and every dog with a habit of biting has no problem mauling the neighbors, there are two problems. There are dogs that need to be removed from society, and you're selling crappy chains. Using the excuse of, "Well, these chains work fine for the good dogs!" doesn't make them any better. Given that this 'chain' also comes with various perks, it should be robust enough to restrain the mean dogs, not just the good ones.

I was also left speechless when you implied that lifetime plus 70 years, criminalizing DRM circumvention for any purpose (even in a different legal jurisdiction!), and outrageous fines for non-commercial copyright violations are not unjust laws.

How far does this go?

Do we start requiring people to lock their cars? Install alarm systems on their houses? Use encryption on their hard drives?
-or-
Do the police start to complain that with the VOIP systems out their and products like Skype, that the links need to be unencrypted so they can snoop?

Where does it all end?

Botnets

[symes]

So all those German citizens daft enough to allow thier machines to become part of a botnet are, technically, at risk of prosecution?

Re:Botnets

[xlotlu]

Now there's an interesting idea. Someone should code a botnet that only downloads and shares copyrighted content, nothing else malicious.

Re:Botnets

So all those German citizens daft enough to allow thier machines to become part of a botnet are, technically, at risk of prosecution?

They can be sued to enforce that they clean up their pwned machines.
And if they then fail to clean up their pwned machines, they are violating a court order, which won't go that well.

Re:Botnets

This immediately sprang into my mind as well. Damn those germans are crazy. First the FAT software patent case and now this. Sieg heil!

Re:Botnets

no. you're explicitly not responsible for what your computer does that you don't know about...

Re:Botnets

[rdnetto]

Hello plausible deniability...

So now we all work for the benefit of the RIAA?

[betterunixthanunix]

So, I guess now the German people are being expected to work for the benefit of the copyright lobby. This sounds like the tail wagging the dog -- first the government works for the industry's benefit, and then it starts to require the people it is supposed to represent to do the same.

Re:So now we all work for the benefit of the RIAA?

[PPH]

Now there's an idea.

The people in Germany (and elsewhere?) are expected to secure their facilities to protect the RIAA's clients. So the RIAA should pay them for their efforts.

Re:So now we all work for the benefit of the RIAA?

[NotQuiteReal]

Who actually got the money from the fine... Somehow I doubt the court cut a check to the RIAA for 100 Euros. More likely it just disappeared into the local government coffers. That's the cool thing about a bunch of petty "crimes" for which fines are levied. Another revenue stream for the government... to help pay for enforcement of petty little laws...

Re:So now we all work for the benefit of the RIAA?

[gstoddart]

The people in Germany (and elsewhere?) are expected to secure their facilities to protect the RIAA's clients. So the RIAA should pay them for their efforts.

Well, since I'm betting the Wi-Fi router doesn't use a password by default, and came that way from the factory -- unless the manual tells you that you have to apply a password (or that it won't work until you do) I'd turn around and sue the company for selling you a copyright-infringement device.

This is definitely a case of copyright enforcement run amok.

Re:So now we all work for the benefit of the RIAA?

Hey, I know! The RIAA can just pay them in free songs!

Re:So now we all work for the benefit of the RIAA?

[PPH]

Hey, I know! The RIAA can just pay them in free songs!

Well, I just received my first installment. Its a song by Rick Astley. What did you get?

Catch 22

They fine you for having an open access point, but if it was password protected and broken in (as wifi encryption is weak) then the owner would of been charged with copyright violation.

Re:Catch 22

[Tim+C]

And if he could have demonstrated that that was what happened then he would have been acquitted. That's not exactly a catch-22 situation.

Re:Catch 22

[chaboud]

And we're okay with people needing to prove their innocence? Our rights have been so eroded by the copyright mafia that we'll take a swift kick to the nuts and ask for another.

Funny enough, if you read up on ACTA, this is clearly just the beginning.

Germany officially sucks

Wow. Now, in Germany, your life revolves around the protection of other people's copyright(s). So from this, one can then make the simple leap to say that a barely protected network (WEP) is also offensive to copyrighters because it takes just 30 seconds to break into. Malware on your computer downloads something for you? Too bad, you didn't secure it well enough. Who cares if a bug actually caused it.

I realize this is Germany, and I admittedly do not know their stance on legislating from the bench, but talk about legislating from the bench. I hope this judge is disbarred because people like him are ruining the world.

I hope not

[Carewolf]

I hope there is slightly more to this story than the summary suggests. It seems absurd unless they have a law against sharing your internet connection. I personally have an open guest network with no protection, but then so do every major company, all libraries, schools, the trains and even the busses here in copenhagen.

Re:I hope not

[gstoddart]

I hope there is slightly more to this story than the summary suggests. It seems absurd unless they have a law against sharing your internet connection.

Not much more -- basically if you fail to attempt to at least moderately secure your wireless with at least a nominal password, and someone else uses it for an illegal purpose, you would be guilty under this law.

Now, in theory you could use a password of "password", and you'd likely be safe; they even say that you don't need to constantly ensure that your password hasn't been breached, just make some initial effort. But, if you go to the store, buy a router, plug it in and walk away -- you apparently are just asking to get sued since someone can come along and use it for illegal purposes.

Ostensibly, if you can get burned for copyright, you are also criminally liable for kiddie porn, spam, and any other nefarious use someone else might get up to since the same reasoning would apply.

The interesting thing is, would the judge in this case know how to set the password and encryption scheme on a commercial router? Or is this a case where the law is too clueless about the technology? This is the way these things work out of the box, and consumer understanding has lagged behind actual ownership.

Re:I hope not

[BitZtream]

And all of those open networks are probably monitored, logged, and have some sort of basic protection against using them for illegal activities.

Re:I hope not

I hope there is slightly more to this story than the summary suggests. It seems absurd unless they have a law against sharing your internet connection.

There is no German law against sharing your internet connection.
But there are German laws against copyright infringement.

This user's internet connection was used for copyright infringement.
Ordinarily, he would have been liable. So he claimed that his wireless
is open. That gets him off the hook for the copyright infringement,
but he now must prevent future copyright infringement via his internet
connection. How he does that is his problem.

Re:I hope not

[EdIII]

But, if you go to the store, buy a router, plug it in and walk away -- you apparently are just asking to get sued since someone can come along and use it for illegal purposes.

Sounds to me like he could sue the manufacturer. They are technically creating a product that is by default potentially violating the law. They could just as easily set the password to the serial number, but they choose password.

I would say that because of the complexity of these devices compared to the average consumer's skill sets to configure them, the corporation deserves at least %50 of the culpability in this situation.

Of course, from the beginning here, Germany went Full Retard, all I am saying is lets take it to it's logical conclusion.

Re:I hope not

You forgot the disclaimer! Most of these public "guest" access points I encounter (in the US, anyway) are now secured via access policy. Read the text next time before you hit "Accept" at a hotel or airport or other public AP.

Re:I hope not

[Carewolf]

Internet "contracts" are not valid in Denmark (and most of the world). I don't read them on purpose since they do not apply to me.

When in Rome, do as the Romans do...

But seriously, is "Free for All" WiFi access illegal, or non-existant in Germany? In Japan, there are some places where WiFi is opened intentionally, as a courtesy to people around. Such as in hotels, convention halls, and so on. Not just some individual that figures that free access to all is a cool idea.

While others have pointed out an analogy to an unlocked door, I see it more like a public pay phone. If an anonymous individual makes a death threat from a pay phone, is the phone company somehow liable? If they're not, and it is because they are a common carrier, then how come the internet is treated differently?

This single issue may have been a case of German law, but it does have implications to every modern nation.

Re:When in Rome, do as the Romans do...

[delinear]

And to bring it back into the realm of copyright - are libraries responsible if they provide a photocopier for their users unless they personally check everything you copy to ensure fair use? Are Blockbusters responsible if someone borrows and copies a DVD because they failed to send one of their employees home with you to check how you used the disk? This seems an incredibly stupid development, to basically say if you're providing a public service, unless you can guarantee people aren't abusing that service, you yourself are liable.

Re:When in Rome, do as the Romans do...

[gstoddart]

are libraries responsible if they provide a photocopier for their users unless they personally check everything you copy to ensure fair use? Are Blockbusters responsible if someone borrows and copies a DVD because they failed to send one of their employees home with you to check how you used the disk?

Book publishers have tried to make photocopiers illegal because in their mind, all people do is violate copyrights.

The *AA would prefer that the rental model be outlawed and that any device which could be use to violate their 'rights' (ie. a general purpose computer) should be illegal. They want every single piece of electronics to be outfitted with gear to prevent you from doing anything on the off beat chance that the bit involved belong to them.

If these corporations had their own way, all technology would be subservient to their wishes, and all forms of media would be closely monitored and scrutinized so that everyone within a 50' radius would be expected to pay fees anytime a radio or TV is turned on.

They have no interest in 'public service' or 'the commons' -- they only have interest in their stuff.

Re:When in Rome, do as the Romans do...

[atisss]

Internet is a right, as is anonymity. I like to provide free internet to everyone, even if they chose to remain anonymous.

What next? Fine for having your router hacked and used as proxy?

Re:Bad President

Not looking good if this carry's precedent. Pretty ridiculous IMO. Much like my own personal battle with building codes in my home town.

Such a brave American hero. I have a dream that one day builders will rise up and break the shackles of community approved building codes and regulations and finally be free once again to build their cement basketball courts within thirty feet of a roadway. A day when not only will that be possible but equal opportunities will be provided for you in the form of a check box on an job application that gives you preferred status.

You truly shall inherit the Earth!

actual judgement

[Tom]

The actual judgement is a bit more level-headed than the /. summary makes it to be.

The judge essentially said you ought to have some minimum level of security, elst you're liable for damages, much like everything else (e.g. if you don't put the brakes on in your car and it starts to roll and crashes into something).

The standard requested is pretty much "turn on encryption and change the default password".

Most commentators agree that for home users, not much will change. Unless you're an idiot, you already have these things for your home network. The challenge will mostly be to hotels, Starbucks, etc. with their open hotspots.

Re:actual judgement

And why can't I run an open hotspot if I want to?

Re:actual judgement

[icebraining]

(e.g. if you don't put the brakes on in your car and it starts to roll and crashes into something).

Wrong analogy. Unlike the car, the router by itself wouldn't cause any damage. *Someone* committed a crime, they should prosecute that guy.

Unless you're an idiot, you already have these things for your home network.

Then I guess I'm an idiot for being a nice guy and providing free access for people passing by. Why am I an idiot? My traffic is secure (I have two networks, one encrypted with WPA2-Enterprise with a RADIUS server, another open) and I have no traffic limits. Why shouldn't I share?

Re:actual judgement

[unix1]

The judge essentially said you ought to have some minimum level of security, elst you're liable for damages, much like everything else (e.g. if you don't put the brakes on in your car and it starts to roll and crashes into something).

Sorry, wrong car analogy. How about this one:

If your router is sitting loose at the edge of an open window, then wind blows and causes the curtain to move and drop the router through the window 10 stories falling on someone's head or car, you could be liable for damages, just like if the car didn't have brakes set in your analogy.

On the other hand, leaving your wifi access open is like leaving you car unlocked. So, now you are liable if your car is unlocked, someone gets in your car and starts copying your CDs, or recording off of your FM radio.

Re:actual judgement

[zarzu]

how is that more level-headed? you're just defining the adequate security part from the summary with "turn on encryption and change the default password". your car analogy doesn't work either, if i have an open wifi spot it doesn't just go on a frenzy and download stuff, which is what you are suggesting.

the judgment here clearly means to say that an internet connections main purpose is to help you infringe on copyright. you won't get fined for sharing a fork with someone if that someone then goes to kill his wife with it. a city also won't get fined just because they provided a thief with a street to walk on to reach his target. the judgment is utterly absurd.

Re:actual judgement

[__aasqbs9791]

Then you get fined if someone breaks the law using your connection. Do it enough and you'll probably get charged with aiding and abetting. Though IANAL, it seems obvious enough. If you want to be an ISP, then you have to keep records indicating who your customers are (even if they aren't paying anything) so that the criminal can be found. I'm not saying I agree with any of this, but it seems easy enough to understand, given our typical current legal structure (I'm assuming Germany isn't too terribly different from the US in some regards, so maybe I'm way off base).

Re:actual judgement

It would be more like if you didn't lock your car, and a stranger got in and took off the parking break.

Re:actual judgement

[corbettw]

Wrong analogy.

How about this one: if you don't put a lock on the gate around your pool and someone wanders in and gets hurt or even dies, you're liable for damages, possibly including prosecution for negligence. Doesn't matter that the other person was trespassing on your property, you're expected to secure dangerous parts of your property from the general public.

Then I guess I'm an idiot for being a nice guy and providing free access for people passing by.

Pretty much, yeah. Besides which, why would you open yourself up to potential legal trouble from someone downloading kiddie porn or something through your link? The defense "But it was open, anyone could've done it" probably won't help you much in that case. Better to be safe and turn off outside access altogether.

Re:actual judgement

[rxmd]

And why can't I run an open hotspot if I want to?

You can, but if you do, you better have some solid proof pointing away from you when someone else breaks the law through your connection.

You can also leave your car for anyone to use, but it will be you who gets the parking tickets. (Yay for car analogies!)

Re:actual judgement

[Sockatume]

Better analogy: I leave my phone on a cafe table. Some fraudster steals it, and uses it to con various old people out of their credit card numbers. Why should I be liable for their tortious actions?

Re:actual judgement

[zarzu]

your analogy is just so way out there, it's about someone hurting himself because of a dangerous situation that you have created. the case on the other hand is nothing like that, it's about someone using an open communication system for a very specific illegal thing which is not the common use of the communication in question.

and you would only open yourself up to legal troubles if there are absurd precedents like this one. which is not a given and there is still some actual evidence needed on your computer for them to be able to link those downloads to you.

Re:actual judgement

[G00F]

They don't have a clue, not because they are not idiots, but because they are so far removed from the tech world they don't know such things exist.

If it wasn't for me, all my friends but one(not including co-workers here) would not have encryption. And that one friend has minimal security with a key of 1234567890 Most wouldn't even know that there is such a thing. Most reply how is that different? What is it?

One of my older friends was paying for internet from Comcast and his laptop worked wireless with out any problems. He didn't have a wireless router. . . . Not a clue that he was using a neighbors open wireless connection.

How can you hold someone criminally and financially responsible when they couldn't have known? And the victim is them? If found, shut them off from the net till they address the issue is reasonable.

These wireless routers need to have encryption enabled by default with a random key printed one the device and in the documents. Maybe making use of the serial number as part of they key.

Re:actual judgement

[matunos]

I don't know about the hotels that offer free wifi, but Starbucks (that is, AT&T) makes you register and log in to use their wifi (and you have to have used a registered starbucks card if you want it for "free").

Re:actual judgement

[tehcyder]

And why can't I run an open hotspot if I want to?

You can, but you don't have some magic immunity to being sued if people use your connection.

The question of whether you should be able to be sued for copyright infringement is a separate issue.

Re:actual judgement

[Abcd1234]

Pretty much, yeah. Besides which, why would you open yourself up to potential legal trouble from someone downloading kiddie porn or something through your link?

So by your logic, telecom companies should be liable if someone uses a payphone to harass someone?

Interesting.

Re:actual judgement

[Corbets]

(e.g. if you don't put the brakes on in your car and it starts to roll and crashes into something).

Wrong analogy. Unlike the car, the router by itself wouldn't cause any damage. *Someone* committed a crime, they should prosecute that guy.

Um, so you're saying that the car would commit the crime by itself then? Wrong analogy destruction.

Unless you're an idiot, you already have these things for your home network.

Then I guess I'm an idiot for being a nice guy and providing free access for people passing by. Why am I an idiot? My traffic is secure (I have two networks, one encrypted with WPA2-Enterprise with a RADIUS server, another open) and I have no traffic limits. Why shouldn't I share?

I'm not sure if this is what the court had in mind, but odds are pretty slim that the terms of service you agree to with your Internet pipe actually allow you to share that wireless with someone else. Also, Germany is not America, where "my freedom" outweighs every other consideration. It may be that the ability to identify people and their actions is an overriding consideration in the minds of the German people (who, like most peoples, are not well-represented by Slashdot opinions).

Re:actual judgement

[Hizonner]

I should presumably also be fined if somebody commits a crime using M&Ms from the candy jar on my desk.

There is no legal requirement in the US for an ISP to know who its customers are, nor should there be. Certain people would like to make every citizen responsible for enforcing everything, and not let anybody do anything without being tracked by the Man... but luckily those particular evil forces haven't completely won yet.

I have no idea about German law, other than that, to the extent that it forbids running an open WiFi network, German law needs to be changed.

Re:actual judgement

[Zatar]

why would you open yourself up to potential legal trouble

Unfortunately this line of thinking leads to life in general being a lot less pleasant that it should be in countries with this sort of attitude towards liability.

We end up with people making lots of regrettable decisions like "I shouldn't let anyone walk across my property", "I shouldn't let anyone use anything of mine", "I shouldn't help that kid crying in the middle of the road" just because there's a real chance that the government will ruin your life over it if someone gets offended.

Most people are nice and want to help others but we force them to close up and stop interacting with people out of fear of liability. It's sad.

Re:actual judgement

[Hizonner]

In decent countries, they have to prove that you broke the law. You don't have to prove anything.

Re:actual judgement

[misexistentialist]

What if someone wanders through an unlocked door and drowns in your bathtub? Just because the law has been misapplied in the past doesn't justify further misapplication.

Re:actual judgement

[__aasqbs9791]

I wasn't trying to say what I think should happen, just what I'd expect based upon what happened in this case. Personally, I agree with your stance on this, though that may not have come across very well in my comment.

Re:actual judgement

[gstoddart]

The actual judgement is a bit more level-headed than the /. summary makes it to be.

The judge essentially said you ought to have some minimum level of security, elst you're liable for damages, much like everything else

In this case, to continue with the car analogy ... when the dealership sold you the car, it had no brakes on it. It had places where you could install brakes, and the manual told you how you could install brakes. But nobody told you that you were required to have brakes installed, and that it was in fact dangerous and illegal to not have brakes installed.

If it is illegal to have a car without brakes, then it should be illegal to sell a car without brakes. Since, clearly, the routers are sold without brakes, er ... crypto enabled, then these must be illegal devices, no?

This basically means that everyone in the world has custodial rights on behalf of copyright holders to ensure that nothing they own can be used by a third party to infringe copyright. This is bad, and I think it's a stupid ruling.

Grumble grumble ... Wookies ... Endor ... acquit ... bollocks.

Re:actual judgement

[Phisbut]

In decent countries, they have to prove that you broke the law. You don't have to prove anything.

Back to the car analogy, how do they, in decent countries, issue parking tickets? How do they figure out who parked the car illegaly rather than simply assuming the owner of the car is responsible, no matter who's driving?

Re:actual judgement

[tgd]

In most cases you're violating the terms of service of your internet connection if you do.

Re:actual judgement

[adsl]

We have seen court cases were the Judge was entirely ignorant of even the most basic workings of the internet. So many users of VCRs wer/aree unable to program their machine so that the blinking 12:00 light stayed on. Does this Judge and others really think that everyone who buys and uses a wireless modem understands how to and is capable of changing or setting up security parameters on such a modem. I think NOT.

Re:actual judgement

[WilyCoder]

"Then you get fined if someone breaks the law using your connection. "

What the fuck? If I go hack something by using the libraries open wifi, then the library is going to be charged a fine?

If you are running an open wifi spot how does "common carrier" status play into this, because this all sounds ABSURD...

Re:actual judgement

And what if my computer has issues connecting to a router that has encryption, or the router has a bug where it can't maintain a connection when encryption is enabled? Or I have a very high-speed link & I don't want the overhead of encryption throttling my bandwidth? Or as others pointed out, I use WEP instead of WPA2? The government should not be in the business of trying to legislate the configuration of any network unless it is for a business that can expose sensitive information (medical records, financial information, education history, etc) or a government entity (or a business under contract from the government).

Re:actual judgement

[colinnwn]

In the US, parking tickets are issued to the car, not the person. So you might not be able to get your car registration renewed, or get it impounded, but you won't go to jail for not paying.

A more relevant comparison would be speeding cameras. The first round of speeding cameras didn't capture a picture of the driver, and there were several cases of tickets being dismissed because law enforcement or the private contractor operating the speed cameras couldn't prove the identity of the driver. Now most speeding cameras that reliably convict drivers take a picture of the driver, or they treat the speed camera tickets like parking tickets above.

Re:actual judgement

[__aasqbs9791]

I didn't say it was a good thing, just that in Germany this case seems to show that will be the result, and the next part is my guess on what they would take as the next step. I don't agree with it, I'm just pointing out what I'd expect for a repeat 'offender'.

Your last line brings up a good point. Can you be a common carrier if your terms of service forbid running an open hotspot (I'm pretty sure mine does through Comcast)? Can they even legally forbid that in their TOS (I'm assuming they can, but I've seen plenty of contracts with unenforceable clauses before)?

Re:actual judgement

[colinnwn]

"don't have some magic immunity to being sued if people use your connection."

Claimant should (and generally is in the US) be forced to prove the infringing action to a specific person. So possibly the claimant should be able to have all computers in your house confiscated and searched. But if they can't prove one of those computers in your house actually engaged in copyright infringement, then claimant should lose.

Re:actual judgement

[colinnwn]

Violating TOS should only result in your service provider closing your account, and possibly actual damages incurred by service provider. But violating TOS shouldn't attach liability to you for actions of others using your service where actual damages aren't provable (ie if they run up your bandwidth bill according to your billing contract then you are responsible, but if they download a copyright song you shouldn't be responsible for ethereal or compensatory damages).

Re:actual judgement

[icebraining]

How about this one: if you don't put a lock on the gate around your pool and someone wanders in and gets hurt or even dies, you're liable for damages, possibly including prosecution for negligence. Doesn't matter that the other person was trespassing on your property, you're expected to secure dangerous parts of your property from the general public.

I don't know about the States, but that's not true in any country I've been, and not in many others, where people leave their gates unlocked all day.
And what about in places like Galiza, where you can't walk 500 feet without stumbling in a small course of water? Would the city be forced to put fences around all those "potentially dangerous" places by that law?
Show me someone who has been found guilty for negligence for leaving their house unlocked. I found that very hard to believe.

Pretty much, yeah. Besides which, why would you open yourself up to potential legal trouble from someone downloading kiddie porn or something through your link? The defense "But it was open, anyone could've done it" probably won't help you much in that case. Better to be safe and turn off outside access altogether.

Yes, helping other people may not be always to my advantage! Why wouldn't I always follow the path of maximum selfishness? All those guys helping in Haiti and other devastated places are just idiots too, by that rationale.

Besides, the police here seems much more worried about catching real criminals than random guys. The only times I've heard about people being convicted for having child pornography were when they caught a distributing organization (that usually sells it) or when a guy actually violates a kid and then he's computer is searched.

Even copyright infringement convictions for downloaders are not very common, AFAIK. It's usually companies using illegal software or guys who try to make money out of it - copied DVDs in markets, a torrent tracker were you could pay for some "advantages", etc.

Re:actual judgement

Unless you're an idiot, you already have these things for your home network.

An idiot, or Bruce Schneier

Re:actual judgement

[tophermeyer]

German law needs to be changed.

Your an American aren't you? Its ok, I am too. And though I agree that this law would be ridiculous and unfair in the US, it is awfully presumptuous to make a claim like that.

Germans are completely capable of governing themselves. My probably too simplistic understanding of German law is that it places a lot of responsibility on individuals to take reasonable steps to secure their property and be safe in their actions.

Re:actual judgement

[corbettw]

I don't know about the States, but that's not true in any country I've been

In most jurisdictions in the States with such laws it's a civil matter but there are a handful that treat is a criminal matter. One of the side effects of our system of laws is that it's pretty dang difficult to find a specific city or county ordinance that mentions it, but my city's building code specifically states it is unlawful not to have a gate with a self-latching catch installed around a pool. No specific penalties are spelled out as it is a civil matter.

Yes, helping other people may not be always to my advantage! Why wouldn't I always follow the path of maximum selfishness? All those guys helping in Haiti and other devastated places are just idiots too, by that rationale.

1) There's nothing wrong with helping people. Implying that's what I said is just a strawman.
2) There's nothing selfish in wanting to make sure you stay out of jail thanks to someone's thoughtlessness or criminality. You're confusing "being nice" with "being hopelessly naive".
3) Are you seriously comparing having an open WiFi router to traveling to another country to help people ravaged by a horrible natural disaster? Are you a sociopath that can't see the difference between those two things?

Re:actual judgement

Then you get fined if someone breaks the law using your connection. Do it enough and you'll probably get charged with aiding and abetting. Though IANAL, it seems obvious enough. If you want to be an ISP, then you have to keep records indicating who your customers are (even if they aren't paying anything) so that the criminal can be found. I'm not saying I agree with any of this, but it seems easy enough to understand, given our typical current legal structure (I'm assuming Germany isn't too terribly different from the US in some regards, so maybe I'm way off base).

Translation... You cannot give charity. If you want to help freely provide what was once an internet dream, you must also provide a massive security infrastructure so nobody can commit a crime.

Great way to restrict ISPs to big business, is what it is. We have the technological know-how to let everyone have cheap, fast internet wherever they are. We even have close to the entire infrastructure for that. What we don't have is big-business behind it. Must be criminal!

Re:actual judgement

[chowdahhead]

I disagree with the idiot remark. Routers aren't pre-configured out of the box for wireless security by default or with a randomly generated root password. It seems like common sense for /. readers, but there are a lot of smart people (and not so smart people as well) that just don't have a clue about how stuff like this works.

Re:actual judgement

But this is flawed logic. YOU didn't put the brakes on the car so you're responsible for the damage that was directly caused by this action, yes.

But this is a case of you not doing something, and then someone came along and intentionally did something that was wrong with the opportunity given. Now one might wonder, should, it be criminal negligence to not drag a fence 40 feet up on every bridge just in case someone wants to jump off, vs just high enough that you can't unintentionally fall off? Or -as an extreme and obviously absurd example- not to secure your water tap against unauthorized access/excessive use in case someone wants to drown someone else in a sadist way by pouring water into his lungs? Yes, about everything and anything that can be used by human hands can be abused in a criminal way.But in all too many cases, the object was not designed to do such and should not be counted as an immediate danger, and thus negligence laws should not apply.

Besides, tell me how many times negligence laws were applied in court when no one came to real damage. A value of like 90 cents was lost, and that only if you're generous and actually count it as lost sale, which I'm not sure should be easy to prove. There would usually be more damage if you left a tube of glue on a desk and your neighbour's toddler put glue on your other neighbour's door. Should that even be a court case, should damages be awarded to this excess, and should YOU be responsible in any way for letting glue lie around, instead of the usual responsibility of the one who did the wrong (which in the case of a minor gets transferred to parents)?

Re:actual judgement

So if I open your door, take off your parking brake, and push your car into traffic, you are fine with paying for the repairs?

Re:actual judgement

[Tom]

Please visit Comprehension Basics 101, down the floor, last door on the right, the one with the big "idiots here" sign next to it.

The judgement asks for "some minimal security", not "unbreakable security" and it specifically says that if you have some security, then you are not liable.

Re:actual judgement

[Tom]

But this is flawed logic. YOU didn't put the brakes on the car so you're responsible for the damage that was directly caused by this action, yes.

But this is a case of you not doing something,

Like not putting on the brakes? ;)

and then someone came along and intentionally did something that was wrong with the opportunity given.

So amend my example saying that someone shoved your car. Would you be held liable? I claim a court would at least entertain the thought, yes. Sure, the actual culprit would bear the main responsibility, but courts do know such measured judgements as holding multiple persons responsible to varying degrees. You would certainly not be sued criminally, but a civil case asking for damages may well succeed. And look! That's exactly the judgement that was passed in this case.

But in all too many cases, the object was not designed to do such and should not be counted as an immediate danger, and thus negligence laws should not apply.

Except that a Wifi router was designed to give network access to everyone in range.

A value of like 90 cents was lost, and that only if you're generous and actually count it as lost sale, which I'm not sure should be easy to prove.

The point of judgements like these isn't in the value, but in the guidelines they provide. We now have a guideline for the case where something of actual value/damage might happen. There are tons of court cases about stuff like your example, they just never make the news.

Re:actual judgement

[Tom]

In this case, to continue with the car analogy ... when the dealership sold you the car, it had no brakes on it.

Analogy bad.

The car had brakes. But you had to actually engage them, they don't magically do that all by themselves.

Here's a better car analogy: In Germany, it is illegal for you to go out of gas while driving on the Autobahn. I'm not kidding.
The reason is that it's fucking dangerous - when a modern cars engine dies, so do most of the driving support systems, including steering - when's the last time you actually steered the car by muscle power? - you don't want that going 200 kph with someone else coming up at 240 kph behind you. And that's pretty typical speeds on the parts where there are no speed limits.
The reasoning is that by making it a law and putting a serious fine on it, even if nothing happens, people will bother to check the gas level before driving unto the Autobahn. And it works.

So the court now asks all Wifi drivers to check that they have encryption enabled before they start broadcasting. Contrary to what some posters here try to feed, that is not a major technical feat. You don't have to write the crypto algorithm and upload it in binary to the firmware, you know? Usually, there's a setup screen that you visit anyways because you have to put your DSL data and your network name in, and there's a checkbox, dropbox or whatever there asking if you want WEP, WPA, WPA2 or no encryption.

Re:actual judgement

[Tom]

How can you hold someone criminally and financially responsible when they couldn't have known?

Please read the judgement or at least the clued-in comments about it before passing judgement.

Criminal liability was explicitly declined. The court ruled, however, that it is a case of negligence, and thus you could be liable (in part) for damages that are caused through your open Wifi.

Re:actual judgement

[Tom]

the judgment here clearly means to say that an internet connections main purpose is to help you infringe on copyright.

If it would mean that, then you would be in trouble just for having that open Wifi. That is not what the court said. It said that if you have an open Wifi and someone uses it to do something bad, then you may be liable for a share of the damage, because you didn't put in reasonable precautions that would have prevented it.

As I read court papers (and IANAL, but my last job gave me more contact with lawyers and courts than is really good), that means the court recognizes that these infringements are not the main purpose, but are at least common enough that a reasonable person can know that they can happen, and therefore that he should take reasonable precautions to prevent them.

That's a pretty normal POV to take in the real world. Your insurance will take the same view if your house gets broken into and it turns out you not only had all doors unlocked, but you didn't even have locks on them. Sure, you didn't do the robbing, but your insurance will gladly hold you responsible for at least some of the damage and refuse to pay it. And a court would probably agree with them.

Re:actual judgement

[Tom]

Wrong analogy. Unlike the car, the router by itself wouldn't cause any damage. *Someone* committed a crime, they should prosecute that guy.

They will.

This was not a case about criminal prosecution. It was about civil damages. You can be held responsible to pay damages in a civil case, even if someone else was the criminal. That's actually pretty commonplace.

Then I guess I'm an idiot for being a nice guy and providing free access for people passing by. Why am I an idiot? My traffic is secure (I have two networks, one encrypted with WPA2-Enterprise with a RADIUS server, another open) and I have no traffic limits. Why shouldn't I share?

According to the court (note: I don't necessarily share that opinion, just trying to point out that as courts go, this is a pretty good judgement and many of us here in Germany expected far worse):

You shouldn't share because you know that it is not only easy, but common for people to break the law using unsecured Wifi. By providing them with the means to do so, you could be held liable for damages (civil), but the court recognizes that you providing access is not an intentional aiding of a crime, so you're off the hook regarding criminal prosecution.

Re:actual judgement

[Tom]

You can. Nothing in the judgement says you can't.

What it does say that if you do, you could be held responsible for what it is being used for.

Re:actual judgement

[Tom]

Claimant should (and generally is in the US) be forced to prove the infringing action to a specific person.

But there are many other cases in the law where that is not true. Driving offenses, for example, only require the identification of a specific person in some countries. In most countries, the owner is held responsible if the driver can not be identified (and the car hasn't been reported as stolen).

Which is why some commentators already believe that one solution for hotels, etc. will be to identify their hotspot users, so if the police comes in about something, they can do what you ask for.

Re:actual judgement

[Tom]

And what if my computer has issues connecting to a router that has encryption, or the router has a bug where it can't maintain a connection when encryption is enabled? Or I have a very high-speed link & I don't want the overhead of encryption throttling my bandwidth?

Then you should dump your early 80s equipment and go buy something new.

Seriously, "what if the brake pedal is always in the way of my foot?" is not a proper defense for having removed it when you run someone over. Your car has to have a brake, and how is usually your problem. All Wifi routers sold in the past 10 years or so come with some form of encryption. All computers sold in the past 10 years or so have more than enough power to run it. If your equipment is fast enough that it can saturate the connection, then it is fast enough that it can do encryption without noticeable overhead.

Or as others pointed out, I use WEP instead of WPA2?

No specific level of encryption was required, only "reasonable security". Commentators are discussing whether or not WEP would count or not.

The government should not be in the business of trying to legislate the configuration of any network

It doesn't.

One, this isn't the government, this is the courts. You have heard of this concept of "seperation of powers", have you?
Two, this isn't the legislative, this is... see above.
Three, nobody is trying to enforce any specific "configuration of any network". The court says that if your house is open for everyone, then you could be responsible for what happens in it and can't simply say "some stranger I don't know did it".

Re:actual judgement

[Tom]

If you are running an open wifi spot how does "common carrier" status play into this, because this all sounds ABSURD...

"common carrier" is a concept from the common-law system, e.g. a US/UK concept. Germany is a civil law country.

Re:actual judgement

[Tom]

I have no idea about German law, other than that, to the extent that it forbids running an open WiFi network, German law needs to be changed.

You have no idea about german courts, either.

Germany is a civil law country, which means that our laws are written by the legislative body, not by caselaw. The courts only interpret the law, they don't make it.

What the court did was take existing laws about negligence and apply them to an open Wifi network. And it found out that you may be responsible for damages. It explicitly does NOT FORBID running an open Wifi network, it only says that if you do, you have to apply reasonable precautions against abuse.

Re:actual judgement

[Tom]

Your understanding is much better than most here on /.

German law uses responsibility and concepts such as "reasonable" a lot, instead of micro-managing things. Its basic assumption is that the body of laws is there to regulate a society of reasonable, adult people who are not entirely self-obsessed, and that you can expect a certain amount of regard from everyone else, but in turn are required to offer your fellow citizen the same in return.

For example, this is the entire first paragraph of the Straßenverkehrsordnung, the law governing road traffic:

"1 Grundregeln

  (1) Die Teilnahme am Straßenverkehr erfordert ständige Vorsicht und gegenseitige Rücksicht.

  (2) Jeder Verkehrsteilnehmer hat sich so zu verhalten, daß kein Anderer geschädigt, gefährdet oder mehr, als nach den Umständen unvermeidbar, behindert oder belästigt wird."

Rough translation:

(1) Participation in road traffic requires constant care and regard for each other.
(2) Every participant in traffic has to act in such a way that nobody else will be damaged, endangered or, more than the conditions make unavoidable, inconvenienced.

Re:actual judgement

[zarzu]

it's not the same with an insurance, your analogy would be the equivalent to someone having an open wifi and shared directories open to everyone and trying to get insurance money if those get deleted. having an open wifi does not mean you open up a private area it means you give access to publicly available communication and everyone else is able to get the exact same access, just from a different point of entry. you are in principle getting fined because you make it more difficult for them to identify the person acting from ip w.x.y.z at time a.

Re:actual judgement

[Hizonner]

I'm perfectly well aware that Germany is a civil law country. What does that have to do with the fact that the law shouldn't forbid running an open WiFi network? I didn't say by what process it should be changed. Taking a German court at its word on its interpretation of German civil law is not the same thing as saying the court makes the law.

And, according to the summaries I've seen of the decision, the court in fact said that, according to local law, you effectively can't run an open WiFi network. That's because any remotely effective "precautions against abuse" make the network not open any more. A network is not open if you need to have a password to join it. It's also not open if it's so loaded up with filters that you can't do anything interesting with it.

I doubt the law will accept a mere pretense of precautions; you're going to have to have a real expectation that what you're doing will work, and that means no open networks.

Re:actual judgement

[Hizonner]

If I were an official of the American government, speaking in my official capacity, you'd be right.

Since I'm not, I'm free to criticize any law, anywhere in the world, and to say what I think should happen anywhere in the world. I am a human being, and that means that, in this and many, many other situations, I outrank artificial constructs like nation states.

I'm happy to listen to German opinions on what should be done with American law. In fact, I think the US needs all the outside opinions it can get right now.

As for what mechanism the law uses to forbid open WiFi, that's not relevant. If ir forbids open WiFi, which seems to be the case, then it needs to be changed. I don't care whether it's phrased in terms of "802.11[abg] without WPA-2", or in terms of "personal responsibility". If the effect is to forbid open WiFi, it's not OK.

Re:actual judgement

[colinnwn]

In most countries, the owner is held responsible if the driver can not be identified (and the car hasn't been reported as stolen). Which is why some commentators already believe that one solution for hotels, etc. will be to identify their hotspot users,

I can see requiring the owner to cooperate in identifying the driver, but I don't agree with holding them responsible. In the case of Wi-Fi, I can see requiring the owner to allow you to inspect the network for evidence of the source of malfeasance, but I don't think the purchaser of the bandwidth should be required to keep records or be responsible for activities that others partake of over their internet connection.

A good example of why not to do this is that teacher who accidentally showed porn to his students because his computer had an unknown to him trojan. A pure reading of a responsibility law would mean he was civilly and criminally responsible for knowing his computer had a trojan, for its downloading of porn, and the display of that porn to minors.

The idea you propose to treat Wi-Fi like car owner responsibility in some countries adds a lot more friction to the experience of using Wi-Fi in places like libraries and coffee shops. It might be acceptable to the populace in a place like Europe, which seems to be swinging towards police state even more than the US.

But I highly doubt it will fly in the US due to our tendency toward libertarian politics, and annoyance at government intrusion into our lives.

Re:actual judgement

[Tom]

What does that have to do with the fact that the law shouldn't forbid running an open WiFi network?

Because it doesn't. There is no such law, nor is anyone debating one. You seem to confuse "if you do this, and something bad happens, you may be liable" with "you may not do this". There's a huge difference between the two. To use the beloved car analogy: You're essentially claiming that driving a car has been disallowed because a court has ruled that if you run someone over, you have to pay their hospital bills.

And, according to the summaries I've seen of the decision, the court in fact said that, according to local law, you effectively can't run an open WiFi network.

Once more, it doesn't say that. What it does say is that you may be held liable for damages. While this will discourage a lot of people, it is a far call from saying you can't do it.

Re:actual judgement

[Tom]

I can see requiring the owner to cooperate in identifying the driver, but I don't agree with holding them responsible.

Remember we're talking civil law here, not criminal. So "holding them responsible" means paying damages (or, in the case of speeding, fines). And whether or not you like it, that's how the body of law largely works, at least for cars and their owners. So it's not the obscene, outlandish thing that the /. summary makes it out to be to apply the same standard to another area.

A pure reading of a responsibility law would mean

...that your lawyer sucks and the judge, too. This is why we have courts, so an impartial, knowledgable person (the judge) can take all the circumstances into account when applying the law.

The idea you propose to treat Wi-Fi like car owner responsibility in some countries adds a lot more friction to the experience of using Wi-Fi in places like libraries and coffee shops. It might be acceptable to the populace in a place like Europe, which seems to be swinging towards police state even more than the US.

Sorry, but you seem to not understand the cultural differences. The US has more of its population in jails by a very wide margin than any european country (in fact, I think only China beats them, world-wide). The actual difference is not police power, but how we weigh individual rights vs. social responsibility. The US puts the stress on the individual and you have all these "rights" to bear arm, to free speech, etc. etc. that you treasure so much. Europe mostly puts the stress on social responsibility, so while you have mostly the same rights, they are cushioned in a context of the larger good. While that restricts your freedoms some, you also receive the benefit that everyone else has the same limits in regards to you.

Not saying one is better or worse, history will judge that. But they're different approaches to the question of what a good society should look like.

Re:actual judgement

[Tom]

it's not the same with an insurance,

There is no such thing as a non-flawed analogy. :-)

The point still is that other people can expect that you take reasonable precautions against bad things happening to them, if it is within your power to do so, and the burden on you is very low compared to the danger to them.

That's a pretty common standard of responsibility, at least in Europe.

Re:actual judgement

[Hizonner]

My point is that you should not be liable to anybody at all, for anything. By imposing liability for something, the law is, in effect, saying that that behavior is forbidden. I can murder people, too, but I'll be subject to a criminal penalty because the law forbids murder. More to the point, I can fail to perform on a contract, but I'll be liable for civil damages because the law forbids not performing on contracts. Sorry if German law doesn't have the criminal/civil distinction, but I think it probably does.

To push the car analogy, your approach says that, if I lend my car to my friend, who is a licensed driver with a reasonable record, and if my friend scrapes somebody's fender (which is closer than running over somebody to the level of damage you can do via WiFi), then I should pay for the fender. You may in fact believe that. I don't.

Re:actual judgement

[colinnwn]

Remember we're talking civil law here, not criminal. So "holding them responsible" means paying damages (or, in the case of speeding, fines). And whether or not you like it, that's how the body of law largely works, at least for cars and their owners. So it's not the obscene, outlandish thing that the /. summary makes it out to be to apply the same standard to another area.

Not sure about all states in the US. But I know it is not uncommon here that speeding tickets are a part of criminal law (albeit the lowest misdemeanor possible unless you are going so fast it could be considered reckless endangerment.

I also don't believe I should be responsible civilly for other people's damaging actions, or that damages should be calculated based on some ethereal value thousands of times higher than the real value of the item infringed on. As a community courtesy I provide free wi-fi in my poor inner city neighborhood. I don't hold a gun to anyone's head to connect to my wi-fi and download copyrighted material. It may be how the body of law works in your area, but not so often in the US. So is applying that standard here obscene from a context outside of intellectual property law? No, and we may be slowly moving in that direction, but it would be unusual and controversial.

This is why we have courts, so an impartial, knowledgable person (the judge) can take all the circumstances into account when applying the law.

In the US a panel of your peers makes that decision, unless you opt for a bench verdict. Either way frequently judges and juries or lawmakers here do not understand the full implications of their actions, especially with regard to internet law, and it is not uncommon for a judge to declare s/he thinks the verdict s/he feels compelled to hand down is a travesty of justice but s/he feels like his/her hands are tied. Also judges generally do not correctly instruct juries they have the prerogative to ignore the law when they feel the law is grossly unjust.

Sorry, but you seem to not understand the cultural differences. The US has more of its population in jails by a very wide margin than any european country (in fact, I think only China beats them, world-wide).

I'm sorry, but I don't think you understand our cultural problems in the US and how that relates to the situation in our criminal justice system. You have a point that it is fair to compare the US unfavorably, and there is probably a better way to describe the difference.

But regarding our prison population, it is almost entirely the product of a racist agenda in our drug policy from the early 1900's that is propagated today by histrionic politicians and an ill-informed electorate. If we were to legalize marijuana, and decriminalize most drug use and possession (while possibly requiring treatment), and only put people in jail for drugs when there was a related property or persons crime, then the US would have equal or lower incarceration rates to most western countries. So using that as the sole statistic to paint a picture of the US as being a more authoritarian and police oriented state I think is disingenuous.

The actual difference is not police power, but how we weigh individual rights vs. social responsibility. The US puts the stress on the individual and you have all these "rights" to bear arm, to free speech, etc. etc. that you treasure so much.

Yes, this is quite clear. In many ways I prefer the social responsibility ethic of Europe, that the government should provide a last chance safety net for people in dire need, that we all should pay a little to ensure everyone gets basic health care, etc. But unfortunately I think many European countries in law take that too far, for example by placing blame or responsibility for people's actions on others that were only tangentially involved.

Re:actual judgement

[Tom]

I also don't believe I should be responsible civilly for other people's damaging actions,

Not if you are not involved. But in this case, you are. Or rather: You may be. If you didn't take reasonable precautions. Note that German courts usually define "reasonable" at the benefit of the common man. But we'll have to wait and see.

or that damages should be calculated based on some ethereal value thousands of times higher than the real value of the item infringed on.

I agree on that. But again, that will have to be tested in future cases, so we don't yet know which way German courts will swing.

It may be how the body of law works in your area, but not so often in the US.

Well, it's a decision from a german court about something that happened in Germany, so it's a little bit dumb to apply US standards all the time. It's a different country, with a different set of rules. Not massively different, but enough that things that may be an outrage in the US are perfectly fine over here, due to the different context. It works both ways, too. We Europeans largely shake our heads at the american obession with nudity. Heck, you want to see some breasts? Go to the nearest book store or kiosk, the TV magazines probably have naked ladies on the front cover. If they don't (weird week or something), try the sports or photography magazines. Unless it's hardcore porn, no one really gives a damn. A minister of justice who covers up Justicia's breasts would have his sanity questioned in the mainstream press over here.

So really, it's a different society, different laws, differen priorities. Keep that in mind or you can only arrive at odd conclusions.

In the US a panel of your peers makes that decision, unless you opt for a bench verdict.

In Germany, you usually have a panel of judges (3 in the lower courts, 5 in the higher courts, I think 7 in our equivalent of the supreme courts) in civil cases, but our equivalent of your juries are the laymen judges - volunteer judges who are not trained lawyers, but come from all walks of life.

But unfortunately I think many European countries in law take that too far, for example by placing blame or responsibility for people's actions on others that were only tangentially involved.

Yes, the system is far from perfect. I've actually been involved in civil rights issues, including some work with the EFF (both US and the several european chapters) and in the founding of EDRI. I'm not saying everything is great. But I get tired of /. stories that try to judge european events from an american perspective. As I said: If we do that with yours (Justicia), you'd appear equally insane to us.

Re:actual judgement

[Tom]

My point is that you should not be liable to anybody at all, for anything.

And my point is that - from a european perspective - that's a stupid and antisocial position to take. We over here largely believe that there are responsibilities both way. Society gives you protection (military, but also emergency services) and in return you have some responsibilities to support society (taxes) and not place an unreasonable burden on someone else (what the laws on negliegence, etc. are all about).

In this case, the court ruled that not taking at least minimal steps of precaution against your Wifi being abused for well-known and common criminal actions places an unreasonable burden on society. But it also ruled that providing really great security would place an unreasonable burden on the common man, who probably doesn't know all that much about security. So it only ruled that a minimum standard of security, that should reasonably be part of every setting up procedure (turn on encryption, set a new password) should be expected of you.

By imposing liability for something, the law is, in effect, saying that that behavior is forbidden.

No, it does not. It may exceed the amount of risk you are willing to take, but it remains your choice and you are perfectly free to do as you like, and as long as nobody suffers any damages from it, no one will mind.

I can murder people, too, but I'll be subject to a criminal penalty because the law forbids murder.

You can't be serious. One, murder is a crime, having an open Wifi hotspot is not. You may be liable in a civil case, for damages. In no case will you go to jail. Two, the law explicitly says that murder is illegal. No law addresses open Wifi hotspots, that's why we had this court decision in the first place. So the final call, the word of the legislative, is still out. Three, there's a huge difference between a crime and civil damages in real life. For one, civil damages don't show up in a background check, conviction for a crime does. I could go on. The main point is still that just because you are not willing to or can't afford pay the responsibility doesn't mean something is illegal. You probably can't afford a 1st class transatlantic flight, either, or are not willing to put that money down, but that doesn't make flying first class a crime. It really is the same, funny as it sounds. All the court did was put a price tag on running an open Wifi - in most cases, the price of a good lawyer. The german online magazines are already full of ways to get out of the liability.

More to the point, I can fail to perform on a contract, but I'll be liable for civil damages because the law forbids not performing on contracts.

Actually, no. I did take some contract law in university, but it's not my specialty. But I can't remember a single place where it says that not performing a contract is disallowed, illegal, a crime or otherwise against the law.
What it does say is what the other party can sue you for if you do. That is a huge difference. Among other things, it makes it perfectly legal to fail a contract if it makes economic sense (considering loss of reputation, etc.) - there is no way to justify a murder this way ("it was cheaper to kill him than to pay my debt to him" - yeah, that's gonna get you out of a murder case).

then I should pay for the fender. You may in fact believe that. I don't.

Actually, your friend should pay. However, if the driver can not be identified, and you refuse to cooperate in identifying him, you may be held liable. I'm not sure about this specific fender example, but for speeding or parking tickets, that's exactly how it is.

Re:actual judgement

[Phisbut]

In the US, parking tickets are issued to the car, not the person. So you might not be able to get your car registration renewed, or get it impounded, but you won't go to jail for not paying.

Just as the guy in TFA got fined for not securing his WiFi as the owner of the signal, and he didn't get sent to jail. The analogy still stands, and the overreactions are still overreactions.

Re:actual judgement

[colinnwn]

And my point that I could have explained better is that it isn't an overreaction. If you fail to pay a civil judgment against you (a person), the judge could arrest you for contempt of court if he believes you have the means to pay and are defying him/her, or the plaintiff could put a lien on real property like your home. In the case of failing to pay a parking ticket, the absolute worst thing they can do is impound and confiscate your car.

Re:actual judgement

[snowgirl]

I agree on that. But again, that will have to be tested in future cases, so we don't yet know which way German courts will swing.

Germany has a Civil Law tradition, which means that the judge's decision in this case is not binding to future cases.

Each case is considered entirely upon its own merits.

Re:actual judgement

[snowgirl]

Forget me, I'm retarded. I was thinking your comment came from the other poster.

I expect that you are already well aware of the law tradition in Germany. oof!

This is GOOD news

While some of you slashdoters cannot even grasp what this means:
You can leave your wifi open, you can download anything you want, and the maximal fine will be 100 EUR!
I call that a big win where users would be sued up to 10.000 EUR for downloading/sharing music - this will put a dramatic lid on those things.

Cheers.

Re:This is GOOD news

And not only is the fine low, it presumably goes to the government instead of the RIAA/MPAA or local equivalents.

Manufacturers to blame? Lack of full regulation?

[strayant]

So, if this is how things are to be, I think that this guy should pass the buck to the manufacturer for not complying with local law. Such devices should be regulated in such a way that they cannot be sold to customers without ALREADY being secure out-of-the-box. Otherwise, I think that this should have no merit.

anonymity is illegal?

judgment seems to make anonymity illegal. unsecured wifi provides only this, it doesn't provide a free pass to copyright infringement. anonymity may make infringement a difficult crime to investigate, but should that make it illegal?

Re:anonymity is illegal?

[gzipped_tar]

As silly as it may sound, but "making a crime more difficult to investigate" *is* illegal in many jurisdictions.

Re:anonymity is illegal?

[gstoddart]

As silly as it may sound, but "making a crime more difficult to investigate" *is* illegal in many jurisdictions.

Anonymity is not a crime.

Not a bad idea...

[FyRE666]

Maybe if this was extended to enforce a more responsible attitude for people leaving their PCs infected and sending out spam for months, I'd be all for it. Stupidity is no defence, so if you're irresponsible behaviour is causing misery for others, and potentially allowing a criminal offence to take place then you deserve to face charges.

Driving a car with no license, or instruction is an offence and whilst spamming thousands of people isn't actually dangerous, it affects more individuals.

Saying this, maybe wireless routers/modems shouldn't even have an option to operate in an open mode. Likewise, maybe ISPs shouldn't allow customers to send mail out on port 25 to random machines - just route it all through their own mail server. If a machine is sending a huge amount of mail, it's simple to block it until the user fixes their system. Surely it's not that fucking hard!

Re:Not a bad idea...

[corbettw]

Likewise, maybe ISPs shouldn't allow customers to send mail out on port 25 to random machines - just route it all through their own mail server.

I'm pretty sure that's the default with most ISPs now. What's more, it's common for them to require SSL connections on 465, not 25.

Re:Not a bad idea...

[John.Banister]

Stupidity is no defence, so if you're irresponsible behaviour is causing misery for others,

Re:Not a bad idea...

[sheddd]

[sarcasm]Yes, we should require a Computer Science PHD for all internet users to keep ourselves safe, and periodically inspect their equipment to make sure the security's adequate. Or maybe ban anyone on the left of the IQ curve from using computers.[/sarcasm]

I can relate (and slightly agree with what you say, but the internet is so wonderful because it's so open (yea SMTP is a mess but it still works). I run 50 open wifi AP's at work (a hotel) and one at home. It saves a lot of time, makes life easier.

Trying to control technical things with laws is a slippery slope, and I'd hate to slip farther down that slope!

Re:Not a bad idea...

[tepples]

Likewise, maybe ISPs shouldn't allow customers to send mail out on port 25 to random machines - just route it all through their own mail server.

That'd be fine if the ISP's own mail server weren't down so often.

If a machine is sending a huge amount of mail, it's simple to block it until the user fixes their system.

Some machines send huge amounts of mail because they host mailing lists with huge amounts of subscribers. Should an ISP automatically close ports for a user with business-class service that keeps verifiable records of how and when each user confirmed opt-in to the mailing list?

Re:Not a bad idea...

[sheddd]

Mine doesn't. Makes diagnosing mail problems much easier. > telnet google.com.s9a1.psmtp.com 25 Trying 74.125.148.10... Connected to google.com.s9a1.psmtp.com. Escape character is '^]'. 220 Postini ESMTP 181 y6_27_0c6 ready. CA Business and Professions Code Section 17538.45 forbids use of this system for unsolicited electronic mail advertisements.

Re:Not a bad idea...

[panda]

Read the RFCs, you should be using 587, not 465!

Re:Not a bad idea...

[colinnwn]

Ahhh... Criminalize the victim.

I agree about ISPs shouldn't have open port 25. But I vehemently disagree about running an open wi-fi access point. I want to live in a wirelessly connected world. If open Wi-fi was illegal, I'd have to get a cellular data plan, which is still to expensive. I run an open wi-fi access point for my neighbors. And I appreciate it when airports and coffee shops have the same service available for me.

Soo

[future+assassin]

if I left my car doors unlocked (there is no law that says I have to do that) and someone used it to steal bunch of music cd from a retail store I be charged with copyright theft?

Re:Soo

[Sockatume]

Even if you stole CDs from a retail store yourself, you wouldn't be charged with "copyright theft".

Re:Soo

No that would be petty theft because no copies were made, thus much less of a crime.

Re:Soo

if I left my car doors unlocked (there is no law that says I have to do that) and someone used it to steal bunch of music cd from a retail store I be charged with copyright theft?

Best comparison ive heard!!!

Re:Soo

if I left my car doors unlocked (there is no law that says I have to do that) and someone used it to steal bunch of music cd from a retail store I be charged with copyright theft?

Guess what, in Germany, there's a law that you have to lock your car. I'm not kidding:

Straßenverkehrs-Ordnung (StVO)

I. Allgemeine Verkehrsregeln

14 Sorgfaltspflichten beim Ein- und Aussteigen

  (1) Wer ein- oder aussteigt, muß sich so verhalten, daß eine Gefährdung anderer Verkehrsteilnehmer ausgeschlossen ist.

  (2) Verläßt der Führer sein Fahrzeug, so muß er die nötigen Maßnahmen treffen, um Unfälle oder Verkehrsstörungen zu vermeiden. Kraftfahrzeuge sind auch gegen unbefugte Benutzung zu sichern.

"Kraftfahrzeuge sind auch gegen unbefugte Benutzung zu sichern." means "Motor vehicles also have to be secured against unauthorized use."

That's usually a 15 EUR ticket if you get caught.

Re:Soo

[heeen]

In Germany you can be fined for leaving your car unlocked.

Never underestimate money starved governments

[Shivetya]

In the US some areas charge you for having an accident. As in, you get into an auto wreck and all parties are charged a fee for emergency services.

So, in your scenario, your causing the police extra work by your negligence (just thinking out loud like a councilman looking for pennies in the couch would) and you should pay a penalty. Hell, we should be preemptive and apply a special tax to items you may own which thieves would want, a new desirable goods tax assessed yearly.

The government can force ANYONE to do ANYTHING. Never underestimate what government can do. If not directly they will do it indirectly, and if necessary undetected but that usually requires the target to vanish too

Face it, people have been more and more willing to ask the government to do things for them, who are they to tell when to stop?

Can't Resist...

[leeosenton]

So *IF* I were a music pirate in Germany, this ruling would tell me to leave my router unsecured. The unprotected network fine is much cheaper than a RIAA lawsuit...

Re:Can't Resist...

[Aradiel]

But would the fine still be for each individual violation? The difference between 5 million Euros and 50 thousand is unimportant when you can't even afford the lower rate.

Re:Can't Resist...

[natehoy]

Exactly.

Of course, the defense would probably only work once. So be sure you download a LOT of stuff as fast as you can, because I suspect if you got hauled into court a second time, ignorance would no longer be a plea bargain.

Firearms... maybe... Prank phone calls?

[gavron]

I like the thought, and others have commented on gun safety. Here's mine:

YOU leave YOUR apartment unlocked.

Bad guy enters YOUR apartment and uses YOUR telephone to make prank, obscene, or threatening phone calls.

The Court finds that YOU didn't make any of those calls.

YOU should not be fined because it's YOUR choice to lock or unlock your apartment.
YOU are blameless.

I guess it's not unusual to find the world mollycoddling the "Big Content" slimeballs.

E

Re:Firearms... maybe... Prank phone calls?

[Shakrai]

They don't even have to break into your house to do this. What happens if someone steals my cell phone off the restaurant table when I'm not looking and uses it to call the White House and threaten to take out the President? I don't think I'd be charged in that instance, nor should I be.....

Re:Firearms... maybe... Prank phone calls?

Capital letters are no substitute for a well-thought out argument.

YOU should not be fined because it's YOUR choice to lock or unlock your apartment. YOU are blameless.

Whether that is true is what is under discussion. All you've done is restate it. Care to make an argument?

Quick

[carp3_noct3m]

Someone go find the RIAA/MPAA or whatever the equivalent in Germany is, use their wifi (would WEP or WPA-TSK count as "adequately secured to the danger of unauthorized third parties abusing it to commit copyright violation,'?) And start downloading everything you can think of. Lets see if they sue themselves.

Re:Quick

[Coder4Life]

Someone go find the RIAA/MPAA or whatever the equivalent in Germany is, use their wifi (would WEP or WPA-TSK count as "adequately secured to the danger of unauthorized third parties abusing it to commit copyright violation,'?) And start downloading everything you can think of. Lets see if they sue themselves.

No. FTFA:

The court also limited its decision, ruling that users could not be expected to constantly update their wireless connection's security — they are only required to protect their Internet access by setting up a password when they first install it.

But your comment is valid because i'm sure that decision will be further examined down the road too and it will become an arms race in regard to what the "minimum" level of security is.

Re:Quick

[Sockatume]

Civil law is not like criminal law. You're not usually under an obligation to pursue everyone you're legally entitled to pursue.

The problem with negligence

[MikeRT]

is that it often comes down to a failure to do right and a need to blame someone. If someone steals a gun and commits a crime with it, they should be 100% civilly responsible. Allowing the victim of the theft to be sued is nothing more than indulging the blood lust of the victim and their family who want anyone connected with it to pay dearly.

Re:The problem with negligence

[Itninja]

SO there is no such thing as negligence? As an example, if I am babysitting a neighbors 13 y/o daughter and allow her to go, alone, to a frat party and she get drunk and then raped, am I not at least partially responsible?

Re:The problem with negligence

[Frank+T.+Lofaro+Jr.]

I agree with you, but would you say the beer manufacturer should get sued too?

That's what they do in the US with guns, sue the producers of a legal product which was misused.

Re:The problem with negligence

[Itninja]

I think it's a matter of how many degrees of separation there are. The parent are certainly within their rights to sue if they wanted to, but I imagine the company would just settle out of court to shut them up. If it actually went to court I doubt the beer company would lose.

Re:The problem with negligence

[Albanach]

I agree with you, but would you say the beer manufacturer should get sued too?

No, they should not. Just as Linksys or Netgear or whoever made the access point wasn't sued in this case.

I disagree with the ruling, but if Germany has some law that says you have a responsibility to ensure your internet connection is secured then obey the law while you campaign for its change.

Re:The problem with negligence

[jabelli]

Yes, if you actually allowed her to leave. However, if she slipped roofies into your Coke so you fell asleep, then no.

Re:The problem with negligence

Criminally, yes but not any civil responsibility. Negligence is a crime in some cases like for example gun control,

Re:The problem with negligence

[Grishnakh]

There is a such thing as negligence, but leaving your gun unlocked isn't an example of it.

Do you keep your kitchen knives locked up? Why not? After all, someone could break in, steal them, and use them to kill people (like the guy in China just yesterday who hacked up a bunch of children with a meat cleaver). Knives are deadly weapons, and even more deadly than guns for close-in combat. What about swords? If someone has one of these ornamental swords (like my Lord of the Rings replica sword) hanging on their wall, and someone steals it and whacks someone with it (though it'll probably break in half if they do), should that person be charged with negligence?

Of course not. The only person at fault is the one who broke into their home, and used the weapon. And whether the door was locked is irrelevant. It's illegal to trespass, and an unlocked door is not an invitation to enter unauthorized. Lots of people in rural areas don't bother to lock their doors.

Re:The problem with negligence

[Smauler]

If you are babysitting a 13 y/o girl, you've already accepted a position of responsibility to protect that girl, at least to some extent. If you share your internet connection, you are _not_ accepting a position of responsibility to protect that connection. One is an end in itself, the other is a means to an end.

Re:The problem with negligence

[chickenarise]

obey the law while you campaign for its change

Just like Gandhi and Martin Luther King Jr. did right? Why do so few understand the power of civil disobedience?

Re:The problem with negligence

[bws111]

You already HAVE a responsibility for what goes through your internet connection. It is, after all, YOUR connection. Sharing your connection means you are also accepting responsibility for what anyone else does with it. It is completely backwards to think that somehow sharing your connection absolves you of responsibility.

Re:The problem with negligence

That depends. if by 'allow' you mean you said 'yes' when she asked than yes you're partly responsible. if however you denied her permission but she snuck out and you failled to prevent that than no.

Re:The problem with negligence

[ciggieposeur]

Sharing your connection means you are also accepting responsibility for what anyone else does with it.

If you hosted a party and one of the guests (whom you do not know) made a local call on your house phone to a drug dealer, and then they left the party and bought a kilo of cocaine, were you an accessory to the illegal sale?

Re:The problem with negligence

[bws111]

Where did I say you would be an accessory? I said you were responsible - as in your name is attached to it. The rest of that question is so far off topic it is not even worth discussing. However, let's take a scenario that is more on topic. You host a party and allow an unknown person to use your computer. They download child porn. Where are the police going to show up? Who's computer are they going to take (and find the child porn on)? Who's life are they going to turn upside down? Who will likely be sitting in jail for at least a while? How well do you think an alibi of 'an unknown person used my computer in my house' will hold up in court against the evidence of YOUR ip address and YOUR computer?

Re:The problem with negligence

[ciggieposeur]

The rest of that question is so far off topic it is not even worth discussing.

Well, no it's not off topic. The topic is about liability vs sharing, the form of the technology is just window dressing.

And your analogy isn't an analogy at all: child porn and copyright infringement are both aggressively pursued to absurd extremes, criminally in the former case and civilly/criminally in the latter. The only way to salvage your analogy would be to say the unknown guest downloaded child porn, copied it to a USB stick, and erased their tracks off your computer (perfectly - nothing in history, deleted space, etc.). The police show up and find ZERO evidence that you ever had child porn in your possession. Then what?

Let's move to older technology: phones. Loaning someone your phone doesn't make you liable for what they do on the call without your knowledge, but loaning them a phone right after they told you it was to call a drug dealer is obviously wrong. We accept phones as "default share", why not wifi too? I'm having a hard time disagreeing with people like Bruce Schneier who don't see any real harm in open access points.

Re:The problem with negligence

I agree with you, but would you say the beer manufacturer should get sued too?

Only if it's American Beer.

Attractive Nuisance Perhaps?

[srussia]

I know, it sounds like a pretty colleague who just won't let you work but there really is such a doctrine: http://en.wikipedia.org/wiki/Attractive_nuisance_doctrine

Interesting take. What should I do?

Your points are good ones and ones I hadn't considered much. I'll post anonymously so I can site my actual situation:

In 20 years, I have never locked my house. I grew up in a town where locks were rare (we never locked our house), and I moved out to an even smaller town as an adult. I personally think the time I have *not* spent looking for my keys must been in the hundreds of hours by now, so if I go home tonight and everything is cleaned out, I still come out ahead.

I keep no guns in my house (and never would). I'm not opposed to gun ownership--it's just not for me. However, I recently acquired 2 traditional recurve bows for myself and my wife and have over a dozen aluminum arrows. These require some skill to use because they are very light "bare" bows with no sights, arrow rests, or triggers--definitely not a hunting setup. The bows are stored unstrung (but with strings attached). I think a random untrained kid would be limited in the damage he could do. Of course, any weapon is a dangerous item.

Do I have to begin locking my house because of this? Or do I have to secure the bows in a locked case? What is my responsibility here?

This is disgusting

[selven]

Free public Wi-Fi is one of the most important public services of the 21st century. It gives anyone who can come up with the $200 for a netbook the ability to access the sum of human knowledge. It allows people to communicate over long distances in many more ways that a simple voice conversation. Anyone who comes up with the money for an unlimited internet connection and jeopardizes some of his privacy (or some convenience, if he uses some kind of proxy/encryption) to let anyone access the internet without paying high fees to greedy monopolistic corporations is doing good for society. Saying that he's doing evil since he's also allowing copyright infringement is like saying cars are evil since you can use one to get away from a robbery. All technology can be used for good and evil, but the internet being freely available to the public does hundreds of times more good than it does evil.

Re:This is disgusting

+1

Re:This is disgusting

[sexconker]

Free public Wi-Fi is one of the most important public services of the 21st century.

No.

Water, electricity, gas, roads, police, firemen, ambulances, etc.

Free public wifi is no where near the top of that list.

I know this is slashdot and you're all a bunch of fucking nerds, but there's a real world out there, and it's far more important than the fucking internet.

Re:This is disgusting

[colinnwn]

Water, electricity, gas, roads, police, firemen, ambulances, etc.

No.

Those are of the 18th, 19th and 20th century. Wi-fi / internet access is the only public service new to the 21st century I can think of right now.

Re:This is disgusting

You only think we are bunch of nerds. You haven't met people of the end of this century.

Re:This is disgusting

[mdielmann]

Yeah, I was thinking this was not dissimilar to fining a homeowner after a thief escaped through your yard because you didn't put up a fence.

Re:This is disgusting

[sexconker]

Yet somehow, those "old" services are still in use today.
They are thus still 21st century public services.

Reasonable Doubt

[Coder4Life]

FTFA:

But the user could prove that he was on vacation while the song was downloaded via his wireless connection. Still, the court ruled he was responsible to a degree for failing to protect his connection from abuse by third parties.

What if the "abuser" was downloading a copy of something he already owned, but potentially scratched the disc up so much that it was rendered unreadable? I don't know how it works in Germany but according to provision 117 of the DMCA:
(a) Making of Additional Copy or Adaptation by Owner of Copy.— Notwithstanding the provisions of section 106, it is not an infringement for the owner of a copy of a computer program to make or authorize the making of another copy or adaptation of that computer program provided:
(1) that such a new copy or adaptation is created as an essential step in the utilization of the computer program in conjunction with a machine and that it is used in no other manner, or
(2) that such new copy or adaptation is for archival purposes only and that all archival copies are destroyed in the event that continued possession of the computer program should cease to be rightful.

Isn't this enough to cause reasonable doubt that the person who downloaded over the network may have not been committing copyright infringement at all?

So what about a Starbucks that offers free wifi?

[gurps_npc]

Or is that illegal in Germany?

Lets up the status even more. How about a public library that offers free wifi?

But assuming it is my responsibilitiy to detect/prevent/record the internet crimes of strangers in my area to allow the government to prosecute them, does that mean I am also legally required to put camers up all around my property to detect/prevent/record NON-internet related crimes?

Moron judges should be fired, regardless of which country they are from.

This actually has a really good side effect

[highspl]

Let's say you never use your own connection, but always use your neighbor's connection. Then, you never have to worry about a large fine from infringement, because the owner of the line wasn't the one who did it.

In the article, you get fined up to $126.

Re:This actually has a really good side effect

[highspl]

Let's say you never use your own connection, but always use your neighbor's connection. Then, you never have to worry about a large fine from infringement, because the owner of the line wasn't the one who did it.

In the article, you get fined up to $126.

Slight clarification: You knowingly use each other's internet connection, and never your own. This way you're both still paying, and not really "stealing".

Is his ISP being fined as well?

[Yaos]

His ISP has a responsibility to prevent copyright infringement as well, so they should be fined for it too.

Stop, belay that headline...

[mseeger]

Serious case of misleading headline.... The court said: "If you have an open WIFI and someone uses it to fileshare copyright protected material, the owner of the rights may send you a cease and desist letter (effectively insisting that you secure your WIFI) and extract 100,- Euro from you for covering the fees of the legal process."

The user was not fined, he was not punished, he was not ordered to pay for the damages.

CU, Martin

P.S. Who wonders, that lawyers don't get the technical aspects right when the techies confuse the most elemental judical terms....

Re:Stop, belay that headline...

[BartholomewBernsteyn]

I'd do the following if I was a musician / musician representative group in Germany:

1. Hire cracker to gain access to networks with with verified information about the owner.
2. Download 'your' IP from said network access.
3. Write a nice letter to said owners and urge them to pay up for the damage done.
4. Profit!!!

Now if only there were botnets, insecure routers / OSs and so on.
Oh wait...

Re:Stop, belay that headline...

[swillden]

The user was not fined

You can choose to define "fined" narrowly enough that this statement is factually correct, but it doesn't change the fact that this guy had to deal with the legal system and pay our 100 Euros for doing absolutely nothing wrong.

Re:Stop, belay that headline...

It's still a fine. What the 100 euri are for is irrelevant - they've left his pocket. For no good reason.

Re:Stop, belay that headline...

[pipedwho]

It's worse than that, he also had to secure his wifi as part of the court order. That may cause more trouble (for friends and neighbours that otherwise use it) than the 100 euro 'fine'.

Re:Stop, belay that headline...

[mseeger]

You can choose to define "fined" narrowly enough that this statement is factually correct,

Actually, "fine" is a very well defined trerm like "Bit". A fine is something to pay to the goverment as punishment. Since there was no punishment, it was no fine.

If something feels like a punishment, it doesn't make one. If we would have been punished, tha actual drain on his wallet would have been 100 times of what happened.

Furthermore i find myself in agreement with the court: having an open WLAN puts him and others at risk and usually is a violation of ToS of his provider. He should either secure his WLAN or turn it off: his choice.

CU, Martin

Re:Stop, belay that headline...

[swillden]

If something feels like a punishment, it doesn't make one. If we would have been punished, tha actual drain on his wallet would have been 100 times of what happened.

So it has to be 10,000 euros to be a punishment? Geez, I'm glad you're not a judge.

Furthermore i find myself in agreement with the court: having an open WLAN puts him and others at risk and usually is a violation of ToS of his provider. He should either secure his WLAN or turn it off: his choice.

Bah.

My Wifi is wide open and I like it that way. Better performance, and I feel it's neighborly to share.

What law?

[uffe_nordholm]

IANAL, and more specifically, IANAL in Germany, so my thinking might be off by several galaxies, but here goes anyway...

As far as I know, you cannot be fined unless you do something illegal. In other words, there _must_ be at least one law you have broken with your actions or lack of actions. The obvious question then: _is_ there a law in Germany demanding that you secure your WiFi? Or is some law being extended to cover this situation?

In my country laws are usually interpreted very strictly: if they mention (just for example) print media, the law is not usually assumed to include digital media as well. This is normally a good thing: actions/things that are not explicitly illegal are automatically legal.

Re:What law?

[Thanatos81]

I don't know about your laws, and IANAL either. But here in Germany you do not necessarily need to do something illegal to be fined. There is something which would translate to "failure to render assistance". E.g. if you get to the site of an accident and there are people in need and you don't help them you can be fined for not helping them.

I don't want to say that the rule in TFA is the right decision. I just want to point out that law is not always as easy to grasp as it would seem at first.

Re:What law?

[uffe_nordholm]

When it comes to traffic accidents I think many countries have laws requiring you to help, as far as your knowledge will let you. Therefore, not helping is against the law and you can get fined. It would be very interesting, though, to know what law was used to fine this "perpetrator".

Piracy is armed robbery of ships

[tepples]

Comparing copyright infringement to murder is sickening.

Perhaps, but the comparison between prohibited copying and armed robbery of ships, which often involves murder, has been around so long enough that nobody outside the FSF bats an eye at calling it "piracy". The ship has sailed; the slope has slipped.

Re:Piracy is armed robbery of ships

[blair1q]

I thought it was because of the parrots and saying "arr" all the time.

Re:Piracy is armed robbery of ships

[jc42]

Well, we do have a parrot in our house (a blue-crowned conure), but I've never heard her say "Arr". We do tell people that she's shouting out "IRAQ!" in an attempt to get a political discussion going.

(Usually when I say that within her earshot, she does say "IRAQ!", but it mostly just gets laughs, not a political discussion.)

Give it the door test

[RingDev]

I go on vacation.
I leave my back door unlocked.
Someone enters my house while I'm on vacation with out my permission.
They bring with them a CD that they shop lifted from a store.
They use my computer equipment to rip 1 song off of that CD.

And >I get fined $100.

What... the... crap...

-Rick

Re:So what about a Starbucks that offers free wifi

[Nukenbar]

+1 - In the US, many court houses have free public wi-fi for people waiting on jury duty. It would be funny if the court that sentenced him had the same thing.

Am I wrong?

[schlick]

I hate to mention this because another crowd has co-opted the identity, but wasn't the Boston Tea Party pretty much a revolt against this kind of thing?

Re:Am I wrong?

You're quite wrong. The Boston Tea Party was a protest against taxes upon tea which had not been approved by the elected representatives of the folks in the colonies, because well, among other things, the Colonies had no representatives in Parliament.

I see no evidence that the German people are not adequately represented in their government. Do you have any indications of that?

Off topib, but

[Runaway1956]

I'll add that the homeowner's liability for injuries to criminals who are trespassing and/or breaking in are quite different from one state to another. We don't all live in La-La-Land - errrr - I meant California. I read one story where a burglar hurt himself after falling through a roof, or a skylight, or some such. He successfully sued the homeowner, in California. In a more reasonable state, like Texas, the homeowner could have SHOT the SOB, and claimed that he was startled, and feared for his life. In fact, in Texas, you don't even have to fear for your life - you can shoot a burglar dead, even before he gets into the house. One woman in Houston used a shotgun to kill some guy OUTSIDE her house who was breaking into her car, and some old guy shot through the door and killed one of two burglars who were trying to break in. Now, THAT is reasonable!!

Re:Off topib, but

[xaxa]

One woman in Houston used a shotgun to kill some guy OUTSIDE her house who was breaking into her car, and some old guy shot through the door and killed one of two burglars who were trying to break in. Now, THAT is reasonable!!

How many cases of mistaken identity have there been?

(Or is walking up someone's driveway in Texas simply too risky?)

Re:Off topib, but

Hot damn, I wanna live in Texas!!!

-XcepticZP

Re:Off topib, but

[Runaway1956]

I have no idea how many people might have been shot by mistake - but in the instance I read on the Houston Chronicle, the dude was found by the cops, lying beside the car, with some kind of tool in his hand, and broken glass all around him. The biggest fuss was when they asked if her BOYFREIND might have fired the fatal shot - she used a .410, and some people claimed "a woman can't make a shot like that, at that range". Phhht. Sexists, huh? I've known a few women who could shoot better than I do. My sister, for one. Or, at least she shoots more consistently than I do. ;^)

Re:Off topib, but

[Smauler]

Now, THAT is reasonable!!

Until someone gets shot when trying to canvas for election, or something else. Honestly, do you really think that you have the absolute right of life and death over anyone "on your land"? What about someone fleeing from criminals, who has nowhere else to go? Sorry... not going to argue this point any more, as long as you state that any unknowns on land someone owns can be killed legitemately.

Re:Off topib, but

What, and politicians *aren't* criminals?

Re:Off topib, but

[commodore64_love]

I wouldn't shoot someone just for being on my land, but if that someone started breaking-down my door, damn straight I'm going to shoot him. Better to spend 10 years in jail for "unjustified assault with a gun" than become wormfood under the ground. (At least in jail I can catch-up on all those books I've been meaning to read.)

Re:Off topib, but

[Woodham]

...I read one story where a burglar hurt himself after falling through a roof, or a skylight, or some such. He successfully sued the homeowner, in California....

Greta: Mr. Reede, several years ago a friend of mine had a burglar on her roof, a burglar. He fell through the kitchen skylight, landed on a cutting board, on a butcher's knife, cutting his leg. The burglar sued my friend, he sued my friend. And because of guys like you *he won*. My friend had to pay the burglar $6,000. Is that justice?
Fletcher: No!
[Greta looks pleased, but then Fletcher continues]
Fletcher: I'd have got him ten.
[Greta stalks off, appalled]

--The film "Liar Liar"

Locked doors? Bah.

This is one reason I really hate cities. Yes, there are definitely sickos and robbers and murderers outside of the cities, but there is a whole different attitude about security in a small town. You know everybody and, even if you hate someone, you probably watch out for them.

Other than when going away for extended periods of time, I have not locked my door in thirty years.

I'm not a fool. I'm not telling you where I live. But I really enjoy living in a place where someone can leave their car running with the door open while they run into the post office, start chatting with old friends, and come out 20 minutes later with their car still there.

When I lived in a million+ resident city for college, I hated feeling so god damned paranoid all the time about locking everything up. It's no way to live.

Re:Locked doors? Bah.

But I really enjoy living in a place where someone can leave their car running with the door open while they run into the post office, start chatting with old friends, and come out 20 minutes later with their car still there.

Geez man, if you don't care about the cost of gas, at least think about the damage you are doing to the environment.

Re:Locked doors? Bah.

But I really enjoy living in a place where someone can leave their car running with the door open while they run into the post office, start chatting with old friends, and come out 20 minutes later with their car still there.

Geez man, if you don't care about the cost of gas, at least think about the damage you are doing to the environment.

I agree, that's horrible! I love environmentalism so much, every time a new regulation restricting our freedoms in the name of the planet is passed, I burn a huge stack of old semi-truck tires in celebration.

Re:Locked doors? Bah.

*stomp* I don't CARE if it's reckless. I don't CARE if it's highly egotistical. I don't CARE if it doesn't benefit me in any way. I don't CARE if it's self-defeating. It's my GODDAMN right to do so, and I'll make use of every GODDAMN right I have! THAT's how I roll!

Re:Locked doors? Bah.

Whatever you do, do not read "In Cold Blood". It will ruin your positive feelings about the security of small town farmhouses with unlocked doors.

Re:Locked doors? Bah.

Oh, like I said, life outside of the city is not perfect, just much preferable. You still have your domestic violence and so on. However, we had a murder a couple of years ago the sheriff still hasn't a clue to go on, out on a remote farm. That's very rare though -- and I like the odds out here better.

Re:Locked doors? Bah.

You know GODDAMNED means something that Jesus doesn't approve of, right? So who are you anyway to roll against Jesus?

Encryption not supported

Some of my devices don't support my router's encryption. I have no choice but to leave my wireless unprotected.

Re:Encryption not supported

[jridley]

You're not really guaranteed the right to use unlicensed radio equipment. The FCC basically says if it works for you, and you're not bothering anyone, great, but if it doesn't work the way you want it to, or you're interfering with anyone else, tough rocks.

Owning a car accessory that requires you to disable required safety equipment to install it doesn't mean that you actually get to disable that equipment, it means you aren't allowed to use that accessory.

Re:Encryption not supported

[Grishnakh]

Out of curiosity, exactly which devices do you have that don't support your router's encryption?

Manufacturer liability

So if I secure my router, and the security is circumvented, is the router manufacturer held liable? It certainly sounds like they should be.

Let's not forget

[crossmr]

Isn't this the same country that at one point made it a criminal offense to have wireshark installed on your machine?

Re:Let's not forget

[moxley]

Oh, you must mean when they made "hacking tools" illegal.

"hacking tools" being defined as anything that could actually explain what was happening on a machine....

And then...

[MerlinTheWizard]

... of course, the user that got fined for not securing his network access could sue the Wi-Fi router manufacturer / his ISP / the Wi-Fi alliance / the ISO (while he's at it) for not making it obvious enough that not securing his wireless network access is, in the end, actually a law infringement. Jesus!! This is a masquerade of justice.

Re:Not a bad idea... right... stupid idea

I operate an open wifi spot for my neighborhood. It is just a decent, non-dickish, non-selfish thing to do. If you want to be a dick and not share, fine. But don't criminalize folks for not being dicks.

Browser authentication?

[delire]

The vast proportion of airports and hotels (increasingly cafe chains) in Europe have 'open' wireless networks that require browser authentication. You pump for an IP, are granted one, yet must authenticate in the browser (usually with a bite of your credit card) to get you through the gateway. Up until you authenticate you're a member of the LAN only. These APs usually have a EULA that prohibits such uses as the downloading of copyrighted material.

So, what specifically constitutes a Protected Network in the context of this new law?

Some devil's advocate arguments

[hellfire]

#1
In a car, you are required to be licensed in order to use it (at least in the US and europe).

To use a car, you have to know how to drive it.

To use a router, you have to know how to set it up properly.

If you don't know how to use it, don't buy it.

#2
In your CD theft situation, it is not the normal behavior of the thief to then return the car to it's owner. Your argument makes sense but in the real world it doesn't happen that way and therefore is not a condition you have to deal with because the owner of the car is a victim of theft too. With a router, you gain unauthorized access and commits crime, but you do not actually steal the router. The owner of the router did not intend to help the criminal, but the owner's inaction did assist the criminal. The purpose of a fine would be to deter crime like this by making people responsible for their property, and learn to set up their routers properly. It's cheaper in the long run to find ways of making people concerned about security than having to drag cases like this through court and waste court time.

#3
Car manufacturers put locks on ALL cars and they are easy to use and understand. Comparitively, routers have locks, but you have to turn them on to enable them. It's like having a car with locks that you can't lock until you open the door with tools, get in, and enable by hand. People need to educate themselves on these locks or they shouldn't have wireless routers.

Along the lines of #3, this is also a great argument to start pressuring manufacturers to come up with a simple and sane tool for router configuration that requires/ you to set a password and security before you are able to use it at all! Plug it in, turn it on, try to access the internet, and you are given a page that says "set security bub". By default, routers are open and anyone can use them and the manufacturers don't care.

Open WIFI == ISP

[goffster]

If you have an open WIFI, a prosecutor may be able to prove to a jury
that you are an ISP. If ACTA goes through, and ISP's held accountable,
then *you*, Mr Open WIFI, are liable.

Open and shut case

[Wowsers]

I do not use wireless, don't trust it, but my netbook has the ability to use it. So booting it up during the daytime (when there are usually less connections around) shows up that around me, there are two homes with 100% open WiFi connections, and a number with WEP and WPA, with the netbook telling me visually which is the weaker security protocol, and also the ID of the network being broadcast.... the box name anyway, so if you were a bad person, you could look up the manufacturers default passwords and change the box so you have unlimited access.

I'd love to tell the people here that they are running an open connection, because just the other day there was a car that parked up with a laptop who was scanning for WiFi, but rapidly drove away when I switched on my netbook with the connection ID "you are being scanned". They came back minutes later, and I tried to scan them again before they again rapidly drove away, this time not to return.

Starbucks

So if I go to Starbucks and use their open Wifi to download a song, I can sue Starbucks for allowing me to commit copyright infringement?

Re:Interesting take. What should I do?

[Runaway1956]

As I mentioned in another post - it depends on your city/state/country. In California, you could easily be found negligent for having *ANY* unsecured weapons. In Texas? Not freaking likely. Dude steps on your property uninvited, he's pretty much fair game for both you and the law.

However - I don't *believe* that any state in the US considers a bow to be a weapon. There are a lot of laws about firearms, and more laws concerning knives over x inches in length, but I've never seen any citations of laws about bows, or the arrows. Of course, IANAL - anything is possible if you should go scraping the law archives.

A few more facts:

[Kjella]

1. The network was in fact not open. It was secured with WPA1 and a default password (source, German)

"Somit ist auch noch einmal zu Betonen: Es ging in der Entscheidung nicht um ein vollständig ungesichertes WLAN! Der BGH hat also nicht über ein offenes WLAN verhandelt, wie lange fälschlicherweise berichtet wurde. Vielmehr ging es ganz allgemein um die bedeutsame Frage, welche Sicherungspflichten die Betreiber von WLAN allgemein trifft."

2. The 100 euro is not for copyright infringement, but rather it seems that in Germany the reciever of a DMCA-like notice is liable for up to 100 euro unless they can either a) Point the blame to someone else or b) Pass some standard of having done everything reasonable to avoid damage. That's at least how I read the law:

" 97a Abmahnung

(1) Der Verletzte soll den Verletzer vor Einleitung eines gerichtlichen Verfahrens auf Unterlassung abmahnen und ihm Gelegenheit geben, den Streit durch Abgabe einer mit einer angemessenen Vertragsstrafe bewehrten Unterlassungsverpflichtung beizulegen. Soweit die Abmahnung berechtigt ist, kann der Ersatz der erforderlichen Aufwendungen verlangt werden.

(2) Der Ersatz der erforderlichen Aufwendungen für die Inanspruchnahme anwaltlicher Dienstleistungen für die erstmalige Abmahnung beschränkt sich in einfach gelagerten Fällen mit einer nur unerheblichen Rechtsverletzung außerhalb des geschäftlichen Verkehrs auf 100 Euro."

The key sentence here is "Soweit die Abmahnung berechtigt ist, kann der Ersatz der erforderlichen Aufwendungen verlangt werden." which translates to something like "When the warning is justified, compensation for the relevant expenses can be demanded." The second caps it to 100 euro for simple cases.

The "equivalent" in Wired Equivalent Privacy

[tepples]

The German counterpart to the RIAA is Bundesverband Musikindustrie e.V.

would WEP or WPA-TSK count as "adequately secured to the danger of unauthorized third parties abusing it to commit copyright violation,'?

There's a reason why they call it "wired equivalent privacy". It's supposed to be as hard to break as entering the premises and using a wired Ethernet port.

Re:Interesting take. What should I do?

[swillden]

However - I don't *believe* that any state in the US considers a bow to be a weapon.

Umm, I'd be surprised if there is any state in the US that *doesn't* consider a bow to be a weapon. It certainly is in my state (Utah). Here's the relevant section of the code:

UCA 76-10-501(6)

(6) (a) "Dangerous weapon" means any item that in the manner of its use or intended use is capable of causing death or serious bodily injury.
(b) The following factors shall be used in determining whether a knife, or any other item, object, or thing not commonly known as a dangerous weapon is a dangerous weapon:
(i) the character of the instrument, object, or thing;
(ii) the character of the wound produced, if any;
(iii) the manner in which the instrument, object, or thing was used; and
(iv) the other lawful purposes for which the instrument, object, or thing may be used.
(c) "Dangerous weapon" does not include any explosive, chemical, or incendiary device as defined by Section 76-10-306.

In the case of a bow, I don't think the court would even bother looking at the criteria in (6)(b), since a bow is clearly an item whose manner of use is capable of causing death or serious bodily injury.

Every state whose weapons laws I've examined (and the number is at least a half-dozen) has a similar broadly-applicable definition of "dangerous weapon", though they often use other terms.

BTW, the reason (6)(c) excludes explosives, etc. isn't because they're not dangerous or can't be weapons, it's because they're classified differently, and have more severe restrictions associated with them.

Ridiculous

[Elixon]

Same as fining the bus driver for transporting the bad guy who later stole valet and took the bus to get back home. Is driver responsible for whom he transports? Should the driver secure the buss against unauthorized third parties abusing the law?

Should not be the securing of the valet (copyrighted material) be responsibility of the owner?

Re:Ridiculous

In Arizona if you transport illegal immigrant you can be charged. It should apply to bus drivers too.

Legal to sell an unsecured router?

If it's illegal to use the WiFi router on the settings it's sold on then surely the product itself is illegal? I'm not sure how the law works in this area, but wouldn't the retailer be responsible for selling a product that doesn't comply with the law straight out of the box?

(Maybe this point has already been raised, but too many comments to check)

Re:Legal to sell an unsecured router?

Sure, just like they'd be liable if their product didn't comply with the EMI regulations.

Re:Interesting take. What should I do?

[Runaway1956]

Interesting.

But, it's broadly worded enough, that MacGyver or any special forces who can make a weapon out of pocket lint are going to be shafted no matter what. ;^)

California is just like Texas

Someone trespasses onto your property, it doesn't matter how your weapons were stored, its their ass, not yours, BUT, if you invite kids onto your property and your weapons are not secured, only then is it your ass

Sue the music industry

[nlawalker]

He should sue the music industry for distributing the music in the first place. After all, if they hadn't sold it, it wouldn't be available to steal.

Then, the industry can turn around and sue the musician for the same thing.

Re:Odequately secured or just secured?

[91degrees]

Well, typically this sort of thing has a test of reasonableness applied. Since someone clearly logged on without trouble, this is not adequately secured. WEP probably is. It's breakable but most people aren't going to go to the effort. The prosecution would need to demonstrate that it wasn't adequate to keep people out. There aren't enough people regularly breaking WEP for this to be an issue. If there were, and it was well known that there were, then he could presumably be fined.

Bad Analogy

[tobiah]

There's a big difference between profitless civil copyright infringement and a violent felony. This is more like someone sneaking across your yard to photograph some pages of a book your neighbor carelessly left out on their deck. Except even That constitutes a greater crime, with criminal trespass, etc. If anything the police should be investigating the person who accessed the WiFi point without the owner's permission. I don't have a fence around my front yard, but that shouldn't be construed as an open invitation to have a picnic in it.

Re:Interesting take. What should I do?

[swillden]

Interesting.

But, it's broadly worded enough, that MacGyver or any special forces who can make a weapon out of pocket lint are going to be shafted no matter what. ;^)

Yeah. But the other side is that if it were any more specific it would exclude things that people pick up and use as weapons. The fact is that darned near anything can be a dangerous weapon, it's more about what you do with it than what it is (regardless of what the TSA thinks). So, the laws are worded broadly enough that anything used as a dangerous weapon legally qualifies as a dangerous weapon, as well as anything that clearly is a dangerous weapon (like a knife, gun or bow).

Then we rely on the judges not to shaft people who weren't really doing anything objectionable.

It's an imperfect world.

A few thoughts on this

[Zontar_Thing_From_Ve]

1) Someone posted that the user wasn't actually fined - yet. But he could be fined if the copyright owner goes after him for failing to secure his wireless device. However, in the USA I'd be afraid that somehow the wireless owner would be sued and blamed by the RIAA for whatever happened. Given 2 high profile losses of exorbitant amounts of money by consumers to the RIAA in some relatively recent court cases, a 100 Euro fine would seem like a good deal.

2) I'd bet that the mysterious unnamed artist is Prince. He's been known to go after Europeans (ask The Pirate Bay) in European courts. And for a guy who for a while was an early embracer of the internet and used it to make money, he's turned into a fuddy duddy old school technophobe.

Re:A few thoughts on this

[blair1q]

1. I'm betting we know about 5% of the realities of this case, so we have no clue as to the validity of the legal basis for the charge. Which is why I'm not discussing it in serious terms.

2. Prince isn't a technophobe. He's a piracy-phobe. Piracy isn't right just because you're a geek. And fighting piracy doesn't make you any less interested in the value of technology. It just makes you realistic about the criminal minds that are lurking deep in the vast, opaque sea of IP addresses.

Re:Manufacturers to blame? Lack of full regulation

On top of that, I'm going to complain about crummy routers resetting themselves. I've tried to set the security on mine several times, and it always reverts within a few weeks. I'm tired of messing with it. I didn't sign up for monthly homework to keep my router maintained.

More like....

[Hasai]

....the bank accounts of the ambulance-chasers involved.

The Crowbar Effect

[Hasai]

You hit the nail on the head, and pointed-out a classic geek blind-spot:

A thug wants into your encrypted storage unit. Do you actually think he's going to whip-out a bunch of super-sophisticated tools to analyze your hardware and crack the system? No; he's going to whip-out a crowbar and beat you with it until you give him the password.

Hence: The Crowbar Effect. Welcome to the Real World, kiddies....
];)

So...

[JustNiz]

Is there really a law in Germany that all wi-fi networks have to be secured? I personally don't know but it sure seems unlikely that it would be a legal requirement.

If there isn't such a law this guy actually hasn't done anything wrong at all so he could tell the record companies to go screw themselves. Furthermore he should counter-sue for all losses associated with their malicious and ill-advised actions against him.

that's already the law in the US

[jipn4]

You wouldn't be charged for "aiding" a criminal (which requires intent), but you might be liable for negligent entrustment:

http://injury.findlaw.com/defective-dangerous-products/defective-dangerous-products-law/firearms(1).html

It's the same thing with a lot of other dangerous things: nuclear materials, poison, explosives, etc.: you need to store them reasonably securely, both to prevent accidental use and to prevent theft.

So call me an idiot Re:actual judgement

So call me an idiot, but why are we actually securing our wireless, again?

There's really no sane reason to do so, that I can think of, short of earning ISPs and the MPAA/RIAA's of this world more money than they're entitled to.

(Assuming that your computers are adequately secured themselves)

Re:So call me an idiot Re:actual judgement

[Tom]

So call me an idiot, but why are we actually securing our wireless, again?

I, personally, secure my Wifi (WPA + Mac filtering) because I don't want any jerk down the street on my internal network. It means I don't have to bring every device in the network up to the security standard of being in an open, potentially hostile, network. Remember that there aren't just computers in most home networks. There's a network-enabled printer and some remote speakers in mine, for example.

In other words: It's less effort for me.

predictable and unavoidable

[jipn4]

If you're going to punish people for things they do on the Internet, then holding operators of open WiFi spots liable is really the only logical consequence--otherwise you could rarely prosecute.

Germany is somewhat ahead of the curve since Germany effectively has no anonymous speech anyway as far as the government is concerned (phone, internet connections, etc. are all registered with the government). But the same kind of liability is likely going to start appearing in the US if we aren't careful.

Re:So what about a Starbucks that offers free wifi

[joh]

Or is that illegal in Germany?

Lets up the status even more. How about a public library that offers free wifi?

Nothing of this is or was illegal. It was just terribly unsure what happens if someone uses such a service for illegal things.

By the way, free WiFi here in Germany is very much getting rarer month by month. No one really knows how to handle the legal implications and in more and more places there is no free WiFi anymore.

Respectfully disagree.

[professorguy]

but there's a real world out there, and it's far more important than the fucking internet.

I disagree.

There's a world out there because we have knowledge that lets us build it. That knowledge is MORE important than the thing itself. If we lose the electric power, we can begin work to restore it. If we lose the KNOWLEDGE OF ELECTRIC POWER, it will never be restored again.

The internet represents access to all accumulated human knowledge. It is more important than anything we have ever built.

Come out to my neck of the woods. If you are injured and call and ambulance, it'll be here in about 40 minutes. But using the internet to get the information allowing you to deal with the injury takes only 40 seconds. WHICH IS MORE IMPORTANT NOW?

Re:Respectfully disagree.

[sexconker]

Damn you're a moron.
The "internet" exists very much in the physical world and is very much dependent on the real world.
There is tons of information in physical form. People have first aid kits and medical books for a reason.

If knowledge is lost, someone will simply reacquire it, as it was acquired the first time. Such is the nature of our species.

The internet is nothing but a convenience.
Water? Heat? Transportation? Necessities.

Efficient

[speciesonly]

Let us not all forget that this is a country where if you tried to sue someone because your child did something stupid.....you would be dismissed and then fined for bringing "frivolous legal action". German courts don't like to have their time wasted especially if you don't watch out for your own self.

You're right that everyone should do that...

[Benfea]

...unfortunately, what you're talking about is well beyond the technical expertise of a great many people. Most users don't know a monitor from a computer and they're expected to be tech cops for the movie/music/games industries?

Re:Off topic, but

[Runaway1956]

Best thing for all concerned is, if you don't respect other's property, don't go to Texas. You'll get into serious trouble real quick. On the other hand, if you DO respect other's property, you should get along just fine. It isn't like people are being blown away without good reason, by law abiding citizens. Criminals, on the other hand, whether they be citizens or illegal aliens, have no problem blowing people away without good reason - and the gun laws that Texas DID have were relaxed to deal with that little problem.

Meanwhile on Slashdot...

Everyone posting is starting with a Score:3.

C'mon...

[ElusiveJoe]

Everybody knows, that GPL/CC is communism and that *IAA organizations are acting in our interests!

This is just the beginning!

[Dj_fishlover]

Just you wait until somebody is sued because her or she didn't cover their windows so somebody could take a picture of a Mickey Mouse poster and share it with the world.
Or when somebody sings "Happy birthday to you" using your telephone.

BGB?

Really? What part of the Bürgerliches Gesetzbuch (BGB) are you referring to? Or did you just apply Anglo-American "Common Law" to a German case?
Like the majority of the world's countries Germany uses the "Civil Law" system (Roman).

Re:Interesting take. What should I do?

[GameMaster]

Again, IANAL, but from what little I've read of the Illinois laws on weapons I'd be, extremely, surprised if a bow wasn't considered a weapon. On top of guns and knives over X inches long, many states also have laws regarding things like saps, "sand clubs" (blackjacks), and other kinds of bludgeons. Often these laws come into play in claimed self defense situations.

For instance, in Illinois you can defend yourself with a hammer if you happen to be attacked while doing work on the house or if you are a contractor for a living and get attacked during the work day. However, if you're just a paranoid nut that carries a claw hammer around for "self defense" then my understanding of Illinois law is that it would be considered an illegal "bludgeon".

My point here is that if they have special laws regarding stuff like that, I find it very hard that they wouldn't have laws regarding bows.

How was he caught?

[will_die]

Reading one of the articles mentioned that one song was downloaded while he was gone. I presume that more then one person in germany is pirating music, videos,etc so how in the world was this person singled out?

Re:Manufacturers to blame? Lack of full regulation

[datadefender]

In Germany most WLAN Routers ARE sold with encryption enabled. The Top selling brand here is AVM with their "Fritz-Box". That has WPA2 on by default and the key is different for every device sold.

He wasn't fined

[dave87656]

The case with the defendent was settled many years ago when the court found that he could not be held liable for doing what any novice would do. And, at that time, it was not trivial for a novice user to know how to set the password or even that the password must be set. The network was not open, but the password was left unchanged and, at that time, the mfg had the same default password on all routers.

However, the case was brought up again as a case of interest to set precedent for future cases where the court found that today a novice user should be able to create a secure network, mostly because, routers are delivered that way by default, with unique passwords for routers and WPA2 Personal as default.

Some times the /. headings are a little misleading.

Wrong analogy

More like you leave your door open (not just unlocked), place a big poster that you can get weapons in your house and go on vacation.

By the way. This is a good thing, people should be forced to secure their networks when they are exposed to the public. The damage could have been much, much worse then some copyright infringement.

Shouldn't

[Frigo]

Shouldn't the recording industry be sued instead, for not securing their songs enough to prevent downloads?

Re:I see; McKinnon's Defence

Now McKinnon can pay for his legal defence by suing the USAAF for leaving it's networks in an 'insecure state'.

The German Approach

[StCredZero]

So does this mean if I accidentally leave our apartment unlocked one morning, someone breaks in, steals one of our daggers or guns, and commits a crime...that we could be charged for aiding a criminal?

Germans will actually fine you for just being stupid. You can actually get fined for running out of gas.

Judicial explanations

You find some judicial explanations of this case here: http://www.undergermanlaw.com/disturbance-liability-the-reason-for-wlan-restrictions-in-germany/ (Explanations by a german lawyer, written in english)

Re:So what about a Starbucks that offers free wifi

[gurps_npc]

There ARE no legal implications. Citizens are NOT required to prevent other citizens from engaging in crimes, nor are they required to detect/or even watch out for it. If someone leaves a wifi open, then no one can tell if a crime has been done and that does NOT mean the person that left the wifi open committed a crime.

Re:So what about a Starbucks that offers free wifi

[joh]

There ARE no legal implications. Citizens are NOT required to prevent other citizens from engaging in crimes, nor are they required to detect/or even watch out for it. If someone leaves a wifi open, then no one can tell if a crime has been done and that does NOT mean the person that left the wifi open committed a crime.

Right, but as soon as someone uses an open WiFi AP to do something illegal the owner of that AP can and will be required to secure it and then the open AP is gone. That's it.

If for nothing else...

[rgviza]

Picture this scenario:
you leave your wi fi unlocked
perv uses your wi fi to download kiddie porn
feds trace it back to your connection
feds remove all of your equipment, dvds, video tapes, cds, thumb drives, and every other storage you own to gather evidence
you get arrested for suspicion of child porn consumption and need to post bail
all of your friends find out because someone reads the police blotter
your storage devices and computers sit in the FBI evidence room for a year while they take their sweet old time getting to you
eventually they look for the porn on your storage devices and find nothing
they return your gear to you, due to lack of evidence and suggest you lock your wi fi down
you get to enjoy coming up in google results for a child porn arrest forever, most of your acquaintances think you are a child molester and believe you are guilty of something
because you got arrested on suspicion of child porn, you probably lose your job and none of your former co-workers will talk to you.

Isn't it easier to just set a password? Just sayin'... The gov tends to shoot first and ask questions later, within the limits of the constitution, of course.