Judge Rules Sniffing Open Wi-Fi Networks Is Not Wiretapping

An anonymous reader writes "Ars reports on a decision from a district judge in Illinois, who ruled that sniffing traffic on an unencrypted Wi-Fi network is not wiretapping. In the ruling, the judge points out an exception in the Wiretap Act which allows people to 'intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public.' He concludes that 'the communications sent on an unencrypted Wi-Fi network are readily available to the general public.' Orin Kerr disagrees with the ruling, saying that the intent of the person setting up the network is important: 'No one suggests that unsecured wireless networks are set up with the goal that everyone on the network would be free to read the private communications of others.'"

I agree

It's wireless tapping... D'oh.

Odd...

[fyngyrz]

...because listening to unencrypted cellphones is illegal.

I think that the difference between your conversations and pizza ordering on an analog transmission and on a digital one WRT 4th amendment protection should be zero.

Re:Odd...

[bhcompy]

Because you have an expectation of privacy

Re:Odd...

[russotto]

Unencrypted cellphone conversations are protected by other special legislation, so the exception the judge relied on doesn't come into play. Personally I think Kerr is way off base, he talks about the intent of the designers, but the law says nothing about "intended", it says "that is configured..." -- it's talking about the actual situation, not the intended one.

He cites Tapley v. Collins (ruling that unencrypted cordless phone conversations were protected), but that's only a district court case; IMO it was decided incorrectly.

Re:Odd...

[fyngyrz]

I'm not sure where that is in the 4th amendment.

Even so... I think most people *do* have an expectation of privacy when they're receiving and sending email, surfing the net, etc. We -- as technical types -- may be very cynical about just how naive that expectation is, and particularly so if you incorporate an awareness of all the government "finessing" of 4th amendment issues, but my feeling is that the average person would be quite startled if you walked up to them and told them you knew what they'd sent via email the previous evening.

Re:Odd...

[michael_cain]

Cites, please? And is the statute (illegal implies it's either in statute or a regulatory rule with the force of law) specific to cell phones? Back in the day, when I paid some attention to this type of thing, the case law was pretty clear that if you transmitted unencrypted material you had no expectation of privacy, hence no wiretap order was needed.

Re:Odd...

With enough ignorance, you can have an expectation of anything in any situation at all. The intent of "expectation of privacy" is that it's to a reasonably informed person, not to someone who is wholly ignorant of the topic.

I might have an expectation that I could step into an operating theatre and perform a successful heart transplant. I mean, how hard can it be? But that is based on my own ignorance, and has nothing to do with reality. The "expectation of privacy" clause should be interpreted in the context, "... by those who have some notion of reality", or it's completely meaningless, because ignorance knows no bounds.

Re:Odd...

[fyngyrz]

Let's just review this little bit of law:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized

...email is a facet of today's "papers", as the telephone was a facet (which congress recognized with explicit telecommunications laws... which appear to me to be redundant, but that's just me.)

The thing about our right of security is that it isn't about hardening. If I don't lock my door, that's not an invitation for you to come in and raid my refrigerator. If I write my papers in English, that's not an invitation for you to read them and walk off with my banking info or anything else. If a lady wears a dress, that's not an invitation for you to look up it. In all cases, the boundary can be trivially hardened: I can lock my door, I can write my papers in code, the lady can wear jeans. None of that has any bearing on the expectations of privacy, though -- the boundaries don't move.

This bears on cellphones. The 800 mhz band (was) easily accessible to anyone with a scanner at one point. This was used as an attempt to say that the conversations on that band were not to be protected. basically the argument was there was no hardening. The door was open, in a sense. And the end result was... those conversations were protected by law. Because it isn't about hardening. The analogy is to the mail. It's unencrypted, and the difficulty of reading someone else's mail is basically zero. So "expectations", you would think, would not incorporate privacy. But again, that's just not how we look at things. We consider our details private and inviolate because of what they are, not because of the medium or any level of obfuscation.

Nothing in the 4th amendment says "if you encrypt, you have this right -- if you don't, the right evaporates."

...and I really don't think case law should over-ride clear constitutional specifics.

Re:Odd...

The "expectation of privacy" clause

...is garbage from a time before it was possible to use technology to spy on everyone and record everyone. Now it's being used by the government to justify such actions, and for that it should be thrown out and we need to rethink what is and is not private.

Re:Odd...

[Hatta]

I think most people *do* have an expectation of privacy when they're receiving and sending email, surfing the net, etc.

They may have an expectation of privacy, but what matters is a reasonable expectation of privacy.

Re:Odd...

[fyngyrz]

Sure:

https://www.privacyrights.org/fs/fs9-wrtp.htm

https://www.cdt.org/wiretap/wiretap_overview.html

...this isn't even controversial, though -- it's been this way for many years. They even made it illegal to sell a radio that could receive in the bands where the cellphone transmissions are made.

Re:Odd...

[icebike]

There is a specific law that prohibited manufacturer of scanners capable of receiving wireless phones, and you aren't supposed to publish what you intercepted, but there is no laws again listening.

Wifi is a totally different matter. Beaconsare broadcast precisely so that these networks can be found and encryption is provided as an OPTION.

The implication is clear, that if you turn off encryption you don't care.

I wonder where this judge was hiding during the big Google street view fiasco.

Re:Odd...

[msauve]

He's probably thinking of the "scanner law" (47 CFR Part 15.37(f)), which made it illegal to make scanners which could receive cell calls after some date (not that it matters much since analog cellular went away). Or maybe 18 USC 1029, which requires "intent to defraud."

Neither of which directly make it illegal to intercept calls.

For that, there's 18 USC 2511, which might make it illegal to even listen to the conversation a person next to you is having. ("intentionally intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept, any wire, oral, or electronic communication;")

Re:Odd...

[hawguy]

I think that the difference between your conversations and pizza ordering on an analog transmission and on a digital one WRT 4th amendment protection should be zero.

Because you have an expectation of privacy

The problem is that the law gave the illusion of privacy for cell phone calls rather than actual privacy - scanners that can listen to analog cellular were easy to come by even after the ban and there were a number of "private" cell phone conversations made public in the media even after the ban. Some scanners required a simple hardware mod, others could be ordered from overseas sellers that weren't subject to the ban.

It's the same thing with Wifi -- making intercepting unencrypted Wifi transmissions illegal only makes people think that their open Wifi is secure.

Much better to tell people explicitly that it an open Wifi network is not at all private and that the onus is on them to lock it down. After all, the whole point of an open network is that you're inviting people to connect by broadcasting your SSID.

If I open my front door and yell out to the world "Hey, my door is open, come on in! Then I shouldn't be surprised when people come in and read the letters I left sitting in plain view on my coffee table". If I'm going to invite the public to connect to my Wifi network (or come into my home), then I should encrypt (or hide) anything I don't want them to see. A law saying otherwise is just giving people a false sense of security.

Re:Odd...

[fyngyrz]

The intent of "expectation of privacy" is that it's to a reasonably informed person, not to someone who is wholly ignorant of the topic.

I don't think that follows. I don't know what happens to my letters after I give them to the post office; but I still expect they won't be read by the government without a warrant.

When my mother in law picks up the phone, she doesn't know any of the details of how her voice goes down that wire, or is switched, or amplified, put on microwaves, etc... but she still doesn't think anyone from the government has any business at all listening without a warrant.

Our expectations of privacy from government intrusion aren't set by specific technical processes; they are set by the 4th amendment.

Furthermore, I'm convinced that is exactly how they should be set. It's more than a little far-reaching to say that the only valid expectations require a technical understanding of the process involved.

Re:Odd...

[fyngyrz]

...it should be thrown out and we need to rethink what is and is not private.

Fine, there's a provision for just that. The procedure is in article five. Have at it.

Re:Odd...

[The+Snowman]

I think that the difference between your conversations and pizza ordering on an analog transmission and on a digital one WRT 4th amendment protection should be zero.

This isn't about analog v. digital. With an unencrypted cell phone transmission you are still paying for service and not just anyone is allowed on the network. Your phone has an ID that tells the carrier who you are so they can allow you to use the network and to bill you for service.

With an unencrypted wifi hotspot, it is open for anyone to use. Perhaps you may need to purchase something and enter a code in your web browser (although this is more and more rare), but by and large, the wifi owner doesn't care who you are. They are providing a service to anybody, not specific individuals.

Put it this way, with a car analogy. If I lend my car to a friend and charge money, there's no big deal. But if I advertise and let anyone rent my car, I am suddenly operating a business and a whole different set of rules and laws apply.

Re:Odd...

[icebike]

The clear constitutional specifics you claim apply only to government, not to your neighbors. They can look into any open window any time they want, and you have no expectations of privacy unless or until you close the blinds.

The constitution wasn't written to control people's behavior, it was written to control government's behavior.

Re:Odd...

[fyngyrz]

but there is no laws again(sic) listening

18 USC 2511

Re:Odd...

[fyngyrz]

Also 18 USC 2511

Re:Odd...

[cpu6502]

>>>because listening to unencrypted cellphones is illegal.

Not in my state. You only need the consent of one person. That's me and my scanner; I've heard many cellphone, portable, and HAM communications. Besides: Just like TV and radio you are broadcasting "in the open" and therefore have no more expectation of privacy than if you stood on a soapbox and started reading a book aloud.

Re:Odd...

[chill]

Your letters are in an envelope. Think "post cards" instead.

EVERYONE assumes those are read by postal employees. It is ingrained in our culture and was a casual joke used in many TV sitcoms that had post offices in them.

Hell, even one of the Infocom games featured a reference to it!

Re:Odd...

[swillden]

They even made it illegal to sell a radio that could receive in the bands where the cellphone transmissions are made.

Actually, they only made it illegal to sell scanners that could receive the transmissions. It's not illegal to listen, just illegal to sell devices that enable listening. Though in that case because of the law banning the devices there's a good argument to be made that you do have some expectation of privacy, which clearly does not apply in the case of Wifi, since there is no such device ban, nor anything remotely like it.

Also, I think the fact that it is possible (and easy) to enable Wifi encryption means precisely that unencrypted Wifi does not provide any expectation of privacy -- because if you'd wanted privacy you'd have encrypted the Wifi.

Re:Odd...

I still expect they won't be read by the government without a warrant.

Red herring. The topic isn't the government, it's about what everyone else is allowed to do. Restrictions on the government are immaterial to this, and the government is quite often restricted by law in ways private citizens or businesses are not. For this topic, it matters whether one has a reasonable expectation of privacy... reasonable being a key word here. No reasonable person thinks that unencrypted radio broadcasts are private in any way.

Re:Odd...

[cpu6502]

>>>I don't know what happens to my letters after I give them to the post office; but I still expect they won't be read by the government without a warrant.

That don't need a warrant. I've had a few of my letters & packages opened and resealed. Once the item leaves your hand it's no longer protected from government spying.

Re:Odd...

[fyngyrz]

You're confusing expectation of privacy (being secure in your papers) with encryption (hardening access.) They're not the same thing at all.

Consider unencrypted mail, telephone conversations, an unlocked door to your house, the banking papers in your desk.

Our expectation is that there are boundaries here that are not to be crossed, and it isn't because they're hard to cross, or they exist only when made harder; further, our "sense of security" isn't derived from the existence (or not) of technical means to access these things; it's about the government being forbidden to cross these lines without a warrant.

When you say that access should be granted because it is easy, you're entirely missing the point.

Sure, the government has the means to get at the information -- and it's easy for them.

The point is, they're forbidden to do so without a warrant.

Re:Odd...

[fyngyrz]

My letters are indeed in an envelope; so are my internet communications. Several levels of envelope, in fact. An email package addressed to the recipient on the one hand, and packets containing the data as well. In fact, it's a lot easier for the average person to open the physical envelope and read my mail as compared to intercepting my email.

Again, you're confusing hardening of the boundary with the existence of the boundary. The government is forbidden to access our personal information without a warrant. There's no exception in the 4th amendment that says "unless it's easy."

An open door to your house doesn't automatically turn into "you can come in and do whatever you want."

The whole point of the 4th amendment is to set the boundary for the government. It's not about technical means, it's not about easy, it's not about expectations: It's about the government having to comply with a specific process in order to be able to look at your stuff.

Re:Odd...

[flaming+error]

When we understand how something works, it often seems reasonable to think everybody should understand it. But to the majority who feels no need to learn its inner workings, it seems reasonable to just use it and spend their time on what they care about.

So like many things legal or linguistic, we need a clear definition for "reasonable." I suspect there is no objective algorithmic or even legal test for it. If there is one, I'd love to learn it.

Re:Odd...

[hairyfeet]

This is what bugs me about this ruling, sure we geeks know that if we aren't encrypted we are wide open, but how many people hooking their laptop up at the Mickey D's while grabbing their Egg McMuffin are gonna know this? And I still don't get why you aren't allowed to grab cell phones that are unencrypted but are allowed to grab laptops..what's the diff?

Finally let us hope that no matter how crappy this ruling is the plaintiff loses in this case, its another damned patent troll looking to enact tollbooths to every place that offers free WiFi. If this bunch manages to pull it off you'll probably have to whip out your CC just to use that WiFi at the Mickey D's just to cover the patent troll, wonderful. Nothing I hate more on this planet than a God damned patent troll, a leech on the ass of society.

Re:Odd...

That's what you get for being in prison you criminal. That or basic training, they just dont let you use a computer in basic training, so you must be a criminal.

Re:Odd...

[fyngyrz]

Mmmm.... maybe. But generally, just as the government can't read your mail; neither can a private citizen. Just as the government can't tap your cellphone or landline, neither can a private citizen. Just as the government can't arbitrarily enter your home, neither can the private citizen. I think the social standard is clear.

Quite aside from that, this isn't about sharing an open network by establishing your own communications to the net at large; it's about sniffing other people's packets on that network without their knowledge.

So it's pretty clear we are talking about the usual bounds of privacy.

Re:Odd...

[cervesaebraciator]

Exactly. There are many who, having more technical knowledge than the average citizen, say there can be no reasonable expectation of privacy in an unencrypted transmission. It happens that I know of a neat little trick for reading papyri from late antiquity period without unrolling (i.e. destroying) them. It's called x-ray tomography (CT). Because I have this little bit of technical knowledge, I also know that letters can be read without opening them. Were we to follow this "reasonably informed person" line of thinking, interpreting it to refer to those with a technical knowledge not possessed by the average citizen, then letters sent through the mail and not requiring a decoder ring to read would not have a reasonable expectation of privacy. Those who think that the distinction between an encrypted and unencrypted wifi signal is so basic that the average citizen should be expected to know it demonstrate the effects of homophily. Their perception of what people ought to know is shaped by being surrounded by people with a like technical knowledge.

Besides, shouldn't we ere on the side of protecting the individual citizen from potential usurpations and abuses of the legal system?

Re:Odd...

[Fnord666]

Not in my state. You only need the consent of one person. That's me and my scanner; I've heard many cellphone, portable, and HAM communications. Besides: Just like TV and radio you are broadcasting "in the open" and therefore have no more expectation of privacy than if you stood on a soapbox and started reading a book aloud.

If I am interpreting 18 U.S.C. 2511 - Interception and disclosure of wire, oral, or electronic communications prohibited correctly, your interception of these signals becomes illegal the moment you tell anyone about what you heard or take any action in any way based on what you heard.

Please notice that this is a U.S. code, so unless your state had seceeded from the the US lately, it is applicable.

Re:Odd...

[fyngyrz]

Your mail is protected. That the government violate those protections, I won't contest. But it certainly is protected. The 4th doesn't say that your papers must be in your possession. It just explicitly establishes your right for your papers to be secure.

Re:Odd...

[chill]

I disagree with your characterization.

Your internet communications are NOT in several layers of an envelope. They are like post cards, with several rows of addresses. There is no envelope. Everything is written on the outside. They are shouted to the world on open WiFi. Well...at least to the part of the world within radio reception.

I understand what you're saying about the 4th Amendment, but I can easily imagine a gov't agent back in the 1700s following a couple of people and listening as they have a discussion in public.

In all honesty, this is why I advocated WEP -- yes, WEP -- to people who couldn't use WPA. It was, from a legal perspective, a clean signal that my intent was the contents of the transmission were private.

Think of it like an interior, locked door. One of those cheap, hollow doors with a lock you can twist open if you try. The point of the door isn't to keep you out, but to let you know "you aren't supposed to be here unless invited in".

Damn well activate WEP and use the password "abcdabcd" or some such.

This is why my SSID at home is "private_keep_out" and why "No Trespassing" signs are needed.

I think this one falls squarely under the "plain view" doctrine.

Re:Odd...

This cell phone monitoring is the exception. Before the FCC started enforcing a ban on monitoring of cell phone frequencies, the rule was everything sent unencrypted over the air is free to receive. This is why you can monitor police communications, military, numbers stations or foreign shortwave. There are probably plenty of things which the government does not wish us to monitor, but if they don't encypt them or are legally banned from encrypting them, we are free to monitor them.

Re:Odd...

[fyngyrz]

The constitution wasn't written to control people's behavior, it was written to control government's behavior.

Agreed, and this is the best argument (that this was a private company doing the invasion.)

However, it's pretty clear that the same rules that apply to the government land on us in this arena: You cannot tap someone else's phone; you cannot enter their home without their permission; you cannot open their mail; you cannot repeat any communication you inadvertently intercept, and so forth.

IMHO, to say that it's ok to deep mine someone's packets just because they have an open wifi connection... that seems to me to be not just stretching the idea of privacy, but breaking it completely.

Re:Odd...

[hairyfeet]

But playing devils advocate here those laws are to protect you from the government NOT private citizens which is what we are talking here. This is why we had to have special communications laws passed for cell phones, because otherwise while the government couldn't do it they could just as easily hire a private corp to do it and be totally legit, just as this private company can pick up anything being broadcast over WiFi since they are not a governmental agent nor working for one.

Don't get me wrong, I still think this sucks balls, but it looks like this is one of those cases where we are gonna need to pass a law that covers private citizens accessing these signals because the current laws simply don't fit the situation.

Re:Odd...

[fyngyrz]

That's not correct. You need the consent of one of the parties to the conversation. That's not you and your scanner.

Re:Odd...

[Wrath0fb0b]

Our expectations of privacy from government intrusion aren't set by specific technical processes; they are set by the 4th amendment.

You are saying that the 4A protects us where we have a reasonable expectation of privacy but then that REP is set by the contours of the 4A. That's circular.

Here's a good overview of the way the Supreme Court has expanded and operationalized the test for REP:

The Fourth Amendment protects reasonable expectations of privacy, but the Supreme Court has refused to provide a consistent explanation for what makes an expectation of privacy reasonable. The Court's refusal has disappointed scholars and frustrated students for four decades. This article explains why the Supreme Court cannot provide an answer: No one test can accurately and consistently distinguish less troublesome police practices that do not require Fourth Amendment oversight from more troublesome police practices that are reasonable only if the police have a warrant or compelling circumstances. Instead of endorsing one single approach, the Supreme Court uses four different tests at the same time.

Re:Odd...

[meta-monkey]

But an open door to a house DOES mean you can look through it. It is not reasonable to expect privacy on something called an "unsecured wireless network."

Re:Odd...

[Urza9814]

So I spent an entire day configuring my wifi access ponit such that it was publicly accessible when I got my new internet service (pain in the ass with Verizon's router/modems -- like playing whac-a-mole; disable one type of security and it turns on another!) and you're saying it should be illegal for anyone to actually make use of that? That's the problem -- the counter-argument to this decision seems to be that intent is all that matters, but you can't possibly know that intent! Cellphones are different -- any packet coming from my router may be intended for you to receive. Any packet coming from my cellphone is obviously intended for the tower. Plus, aren't cell phones in licensed spectrum?

Re:Odd...

email is a facet of today's "papers"

If you send an email unencrypted to my mail server, I have every right to read it. It doesn't matter if you sent it to someone else, it's on my hardware. Your analogy is fatally flawed, because email is closer to a postcard than a letter in an envelope. You clearly don't understand the basics of the protocol.

Do you really leave the house without locking your door? I don't know anyone who does that. But hey, it's illegal for someone to come in, so that's protection enough... right?

Re:Odd...

[Urza9814]

Also, wifi doesn't work if you can't receive open signals from others. I mean, what you are proposing would be to make it illegal for a computer to scan for wifi networks. No network could broadcast it's SSID -- or, more accurately, it COULD but it would be illegal for anyone to receive that packet...so there would be no point. That would break a lot of things. No more walking into Panera or Starbucks or a hotel and connecting right to their network -- you'd have to get the network information off of some posting and manually input that into your computer. No more automatically connecting to your home network as you walk in the door -- your phone couldn't legally look for that SSID being broadcast (because it wouldn't know what SSID it was until it opened the packet, and if that packet came from any other router it would be criminal wiretapping.) No more seamless transitions between routers -- back when I was in college we had a wifi network that spanned the entire campus -- it was public wifi with a VPN required for access. I could start a download in one class, put my laptop (running) into its back and walk across campus and my laptop would automatically connect to each new wifi access point along the way, keep the VPN connected and continue the download. If it was illegal to receive publicly broadcast signals, it would be illegal for my computer to do that -- I'd have to manually reconnect to each router along the way.

Re:Odd...

[fustakrakich]

Nothing I hate more on this planet than a God damned patent troll, a leech on the ass of society.

I don't know how to change a person's behavior when bad behavior is so well rewarded. You do understand the mechanics behind it, right? Press the right button, and out comes the pellets... Why does everybody want to reverse the laws of nature?

Re:Odd...

[Hatta]

And I still don't get why you aren't allowed to grab cell phones that are unencrypted but are allowed to grab laptops..what's the diff?

You're absolutely right. It should be completely legal to intercept cell phone signals that are broadcast in the clear. This will promote actual encryption of cell phone signals, which is better than legal protection in any case. It doesn't matter whether it's legal or illegal to eavesdrop on my phone if it's impossible.

Re:Odd...

[hawguy]

You're confusing expectation of privacy (being secure in your papers) with encryption (hardening access.) They're not the same thing at all.

No, I'm pointing out that using law to grant people an "expectation of privacy" doesn't give them anything. The government could pass a law saying that it's illegal to eavesdrop on conversations in restaurants, yet people would understand that they should not conduct private conversations withing earshot of other patrons because they realize that the law gives them no real protection.

However, when it comes to technology, people think that the law actually offers something, much like the law that made it illegal to listen to analog cell phone transmissions even though they were broadcast without encryption - users thought that they were safe and secure and conducted credit card transactions and other business over cell phones despite having no real protection at all.

If the government had just said "Sorry, unless your carrier encrypts your cell phone transmissions, they are fair game for anyone to listen to", many people either would have pushed their carriers for encryption and/or stopped conducting private business over open communications channels.

Re:Odd...

[TheGratefulNet]

An open door to your house doesn't automatically turn into "you can come in and do whatever you want."

that is a good capsule summary. quotable, even.

similarly, people *could* sit out front of every street corner and watch as cars go by and record their license plates. we were saved this intrusion, years ago, because it was not technically possible (manpower limits). now, the scanning does not need manpower. every plate could be scanned at every street corner, across the globe. is this really the society we want to live in? it is headed that way, by all accounts.

just because its technically possible, does not mean its *right* to do.

every time the government wants more rights into your life, you have to *really* think about the long term implications and that, once you give them this or that key, it will never be yours again.

do you really want to *share* your life with the government? ..and that would be my capsule summary for my post ;)

Re:Odd...

[russotto]

The clear constitutional specifics you claim apply only to government, not to your neighbors. They can look into any open window any time they want, and you have no expectations of privacy unless or until you close the blinds.

The cops can look in your open window any time they want too, if they don't use any technological aids like binoculars (and sometimes if they do). That's the plain sight exception. You may have an expectation of privacy when standing in front of your open window, but it's not one the courts have found reasonable.

Re:Odd...

[tsotha]

And the end result was... those conversations were protected by law.

When you say "protected by law" do you mean they were found to be protected under the constitution or that protection was legislated? Because the latter case would undermine rather than support your argument.

Re:Odd...

[Jane+Q.+Public]

"I understand what you're saying about the 4th Amendment, but I can easily imagine a gov't agent back in the 1700s following a couple of people and listening as they have a discussion in public."

You still aren't getting it. When you have a conversation in public there is no reasonable expectation of privacy. Anyone can hear you. When you have a telephone conversation, however, it takes special effort and equipment to listen to your conversation. So it is rather reasonable to expect your conversation to be private. Whether it is a cell phone or land line. (All cell phone traffic is "encapsulated" in packets even when it is not encrypted).

And so is WiFi traffic. While your WiFi might be open, and so it is easy for anyone to detect it or use it (anybody can see you using your cell phone, or borrow it if you let them), actually determining the contents of the communication (i.e., both sides of the "conversation") is another matter. Even your typical sniffer won't do that. It might record those contents but making sense of it takes further work.

So, what it boils down to is that telephone calls and internet traffic are not like public conversations. It takes special effort and tools to intercept those communications. That leads straight to a "reasonable expectation of privacy".

Further, there are already Federal laws against law enforcement using any electronic means to determine any activity in your household that is not readily visible from the outside. Internet use would certainly fall into that category of activity. So this judge's ruling would likely lead to a perverse (but not unheard of) situation in which a regular citizen could intercept communications legally but law enforcement could not.

Re:Odd...

[Jane+Q.+Public]

"That don't need a warrant. I've had a few of my letters & packages opened and resealed. Once the item leaves your hand it's no longer protected from government spying."

Yes, they do. Whether they actually get one is another matter (we know the government has broken the law at times), but legally they need either a warrant or probable cause.

Re:Odd...

[chill]

And your arguments aren't really on target.

*Lending* someone a cell phone is not that same thing, since you don't have to lend anyone wifi equipment.

And as far as activity in the household not readily visible from outside...that is the point. Wifi is readily available outside the home. I can stand in the public street and pick up most signals.

You are broadcasting an open radio signal that reaches into public space. Sitting in that public space and LISTENING to it is, as far as I'm concerned (and I'm a paranoid libertarian), considered in plain view.

Traffic is encrypted for a reason. This is why SMTP, POP3 and all the other protocols have SSL options. I can't name one major provider that doesn't have an SSL options.

This is why we have "SSL Anywhere" as a program and use HTTPS for connecting to online banking.

If you want privacy, you must at least close your door or even your curtains. A cop can stand in the street and if you have a huge window and no curtains, if he can see a bag of pot on the table in plain view he can grab it.

Re:Odd...

[ATMAvatar]

At a high level, my cell phone transmits calls no differently than my computer transmits emails - in both cases, the contents of the communication is sent unencrypted through multiple routers I do not control. Anyone with the equipment and the know-how could intercept both. However, somehow one form is protected and the other is not.

I always found it odd that this "expectation of privacy" that allows the government to snoop on certain communications is defined by whether or not the government is already known for widespread snooping of the medium. We don't expect email has any privacy because it has been known for some time that there is widespread government interception of email, not because they are post cards. Somehow, cell phones got grandfathered in under the umbrella of land-line phones.

The post card comparison is disingenuous because it ignores the fact that you are sending it through a government network (the post office) in addition to the contents being visible to handlers. You know beforehand that the government is handling your mail and may see the message. If the government was single-handedly hosting the telephone network and the internet as a whole, then the comparison would be valid.

As the government is not hosting even a single cell tower, I would not normally expect them to intercept my calls. As it does not host any of the major internet links, I would not normally expect them to intercept my email. As they are not hosting wireless hot spots, I would not normally expect them to be listening to my wireless communication, either. It takes deliberate effort to intercept communication in any of these media, so it is reasonable for the average person to assume that such interception does not normally occur. That it *does* occur on a regular basis on every one of the above media should be a subject of far more outrage than we see.

Re:Odd...

[Jane+Q.+Public]

This.

Our law is supposed to be based on actions and beliefs of the theoretical reasonable, common man (person). Those with technical knowledge beyond the norm are not the standard to judge by.

Because it takes knowledge, equipment, and effort beyond the "common" to intercept the contents of wifi traffic, or a cell phone call, or a land telephone call, we have good reason to expect those communications to be private.

Re:Odd...

[Jane+Q.+Public]

To maybe be clearer:

Access to my open wifi is intended to be public. My own communications that go through it are not intended to be public.

I think the judge erred in not distinguishing between the signals themselves and the communication content of those signals.

Re:Odd...

[tgibbs]

You can certainly put your email in an "envelope" that would indicate your intention to keep them private. A good way of doing this would be to encode them, such as with PGP. Sending them in plaintext, on the other hand, which can be read by any system administrator between you and the destination, argues that you have no serious concern about keeping them private.

Re:Odd...

[Qzukk]

Funny, I read your link but all I saw was instructions for granting the government permission to read my email.

Re:Odd...

You know that it needs unreasonable amount of special consideration to read your private mail? How does it contradict what was said?

Compare and contrast "I know that anyone with eyes can read my postcard". Or "I know that anyone with a wi-fi adapter can see my unencrypted wi-fi packets" and "I know you need aircrack and patience to read my WEP encrypted wi-fi packets"

Re:Odd...

[Jane+Q.+Public]

"*Lending* someone a cell phone is not that same thing, since you don't have to lend anyone wifi equipment."

You are lending them the use of it. You are *allowing* them to use it. You are splitting hairs here that are so fine they may not exist.

"Wifi is readily available outside the home. I can stand in the public street and pick up most signals."

No, you are still missing the point. The signal is readily available... but the contents of those signals are not readily available. It takes special knowledge and equipment to intercept those signals. Sure, those things are: an adapter that can be put into monitor mode, and some sniffing software. Easy to get if you know what you're doing. But the whole point here is that you have to know what you are doing. As simple as it may be to YOU, this is "technical" knowledge that the average citizen does not possess. It is the "average citizen" standard we must go by, not YOUR technical knowledge.

"Sitting in that public space and LISTENING to it is, as far as I'm concerned (and I'm a paranoid libertarian), considered in plain view."

You can listen to it all you like, and it would be unintelligible gibberish. You need additional knowledge and at least the right software to actually intercept the content. That is the whole point.

It actually takes far less knowledge and far simpler equipment to tap a land-line telephone than to intercept wifi content. So by your logic, it should be legal to tap telephones. After all, the wires are right there in public. You can see them on the poles and running to the houses, with your own eyes. No electronics needed.

The point that you have not seemed to get is that it takes deliberate effort to perform such an interception. Someone just walking past with a standard wifi adapter and standard software (probably 98% of the community) would NOT be able to do that. They would have to have particular knowledge and equipment, and make a deliberate effort to do it. Just as someone walking past your house would need to make a deliberate effort to tap your telephone.

"A cop can stand in the street and if you have a huge window and no curtains, if he can see a bag of pot on the table in plain view he can grab it."

Not in this state he couldn't. That is... he could, if he were just walking by and glancing in. But if he were standing there, staring through my window, watching what I do, that is illegal "surveillance" in this state and he (or anyone else who did it) can be prosecuted for it.

Again, the difference is whether it is something that you might just casually pick up as you stroll by, versus a deliberate effort you put forth in order to determine my activities. The latter is generally accepted by society to be wrongful and harmful, unless it is done by law enforcement under authority of a judicial warrant.

Re:Odd...

[jklovanc]

When my mother in law picks up the phone, she doesn't know any of the details of how her voice goes down that wire, or is switched, or amplified, put on microwaves, etc... but she still doesn't think anyone from the government has any business at all listening without a warrant.

The difference is that your grandmother did not net up the wireless hub and she did not select that phone line from a number of available ones (even though it was not encrypted). A standard phone line is not"readily accessible to the general public". It requires physically tapping into the lines.

Intent is meaningless in privacy issues. I could stand at a corner shouting down the street with the intent of my friend hearing. The fact that everyone else can hear it too is irrelevant to my intent. If one's intent is to communicate privately over wireless then encrypt it.

In the end, if one chooses an unencrypted wireless connection than one is broadcasting to everyone.

Re:Odd...

[Jane+Q.+Public]

"If you want privacy, you must at least close your door or even your curtains."

That's a very good analogy. Because in order to intercept someone's wifi communications, you need the technical knowledge and equipment, and to make a deliberate effort to do so. And you call that "public".

By the very same logic, I can say that I could use my special knowledge and some lockpicks, and pick your door lock in only a couple of minutes.

Should I then consider your living room to be "public"?

Re:Odd...

[daytonduck]

Because you have an expectation of privacy

If you take the effort to make sure that your wireless transmissions are sent using an encrypted protocol, whether it's encrypting all traffic to the router, or just certain web browsing sessions, then you have an expectation of privacy. Otherwise, it is IDENTICAL to when someone turns on a CB radio and keys the transmitter. Just because you don't KNOW that everyone nearby can listen to the transmission is irrelevant. The literature is abundant and clear on the fact. When using any technology, whether it's flint to build a fire, bow-and-arrow, automobile, or a sophisticated computer, you have a responsibility to use it in the manner you want. Protestations based on ignorance do not absolve you of the responsibility to properly use your equipment.

Re:Odd...

started out on the other side of this argument but you've changed my mind, and the last sentence above was the clincher for me.

Re:Odd...

Err, no, it requires much more knowledge, intent and work to tap a phone line. To "invade your privacy" over wi-fi all you need is a run-of-the-mill adapter and "Automatically connect to public networks" setting.

There was a case about contents of WiFi already. It goes like this: person A had open wifi. He also had a shared folder with child porn. Person B connected to is wifi, found the shared folder and notified the police. Police came over, connected to wi-fi and arrested him. "A" argued that the evidence was obtained against the law, but judge denied this, ruling that there was no expectation of privacy.

How do you even distinguish between listening to signal and content? Following your reasoning, it's legal to sit behind someone talking, but it's illegal to listen and understand.

Re:Odd...

[chill]

The lock is a method of keeping people out, like ENCRYPTION. A plain signal radio broadcast is not. The signal is in public space. This is why satellite providers ENCRYPT their signals.

LISTENING to a radio signal ON PUBLIC PROPERTY is not the same as ENTERING a private house.

Re:Odd...

The fun fact is you don't! Any WiFi adapter will do, and if you don't take care, many programs will already betray your privacy by broadcasting stuff to all devices on your WiFi LAN.

Hey, I thought my walls are sound-proof, why the fuck are y'all listening???

Re:Odd...

[icebike]

Actually you can use some coms in any way you want, such as unencrypted coms of police and fire departments, and any meant for public consumption. It is explicitly stated that way in the law. An unencrypted wifi is meant for public use.

(g) It shall not be unlawful under this chapter or chapter 121 of this title for any person—
(i) to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public;
(ii) to intercept any radio communication which is transmitted—
(I) by any station for the use of the general public, or that relates to ships, aircraft, vehicles, or persons in distress;
(II) by any governmental, law enforcement, civil defense, private land mobile, or public safety communications system, including police and fire, readily accessible to the general public;
(III) by a station operating on an authorized frequency within the bands allocated to the amateur, citizens band, or general mobile radio services; or
(IV) by any marine or aeronautical communications system;

(iii) to engage in any conduct which—
(I) is prohibited by section 633 of the Communications Act of 1934; or
(II) is excepted from the application of section 705(a) of the Communications Act of 1934 by section 705(b) of that Act;

(iv) to intercept any wire or electronic communication the transmission of which is causing harmful interference to any lawfully operating station or consumer electronic equipment, to the extent necessary to identify the source of such interference; or
(v) for other users of the same frequency to intercept any radio communication made through a system that utilizes frequencies monitored by individuals engaged in the provision or the use of such system, if such communication is not scrambled or encrypted.

18 USC 2511 at (g)

Re:Odd...

If your not smart enough to encrypt your wifi by now you deserve nothing.
And if you have left it open I figure it is for a reason others to use.
But spying because you see an open wifi is like looking in my house with a telescope because my curtain is open.

Re:Odd...

[DaFallus]

Does the 4th amendment protect my privacy when I am yelling through the open window at my dogs for pissing on the lemon tree again? I'm certainly not doing it with the goal that everyone within earshot be free to listen...

Re:Odd...

[michael_cain]

Section (1) bans things broadly. Section (2) lists exceptions that are legal. The judge cites Section (2)(g)(i), which makes interception legal if the communication system is configured so that it is readily available to the general public. An unencrypted wifi base station at a location where no physical trespass is needed certainly appears to meet that standard. If things were to go farther, I read Section (2)(g)(v) as saying that even if the wifi is encrypted, anyone who is given the key by the operator can legally intercept the encrypted frames. As soon as the users do their own end-to-end encryption of the packet contents, everything would change.

Re:Odd...

[Jane+Q.+Public]

"Err, no, it requires much more knowledge, intent and work to tap a phone line. To "invade your privacy" over wi-fi all you need is a run-of-the-mill adapter and "Automatically connect to public networks" setting."

That's not even remotely true. My wifi is open, but my network is not.

Anybody can connect to my wifi and get on the Internet. But they can't get into the computers in my home from there.

So your case is very different. If I left my hard drives on an open network that anybody could access just by connecting, I would not have any "reasonable expectation of privacy" either. But that's not what this is about. This is about intercepting internet communications over wifi. In other words, see what web pages I was browsing, and so on. That's another matter entirely, and it does require certain equipment and software. You can't just do it with typical factory laptops or cellphones with typical factory software.

"Following your reasoning, it's legal to sit behind someone talking, but it's illegal to listen and understand."

You can't just connect to my wifi, and see what I am doing on the internet. It doesn't work that way. Even if you do connect to my wifi, you have to actively work to get at that information, using special equipment and software. So no, it's not like just sitting next to someone and listening. It's a lot more like sitting some distance away, but hiding a microphone on one of them.

Compared to the tools needed to listen to somebody's internet traffic, the tools for tapping regular telephones are ridiculously simple. I can show you how to do it with a couple of alligator clips, a $0.25 capacitor from Radio Shack, and a $2.00 transistor radio.

Re:Odd...

[Jane+Q.+Public]

You are still missing the point.

"The signal is in public space. This is why satellite providers ENCRYPT their signals."

That is only HALF of the issue here. No, that is not why they encrypt their signals. Not directly, anyway.

If a satellite company does not intend for a channel to be public (i.e., it is supposed to be subscription-only), then it is illegal to intercept that channel and watch it if you haven't paid. Even if they are NOT encrypted.

They encrypt their signals because they found that the law was not enough, and people "stole" their transmissions anyway. But the point here is that it is illegal, okay? Keep that in mind.

Please explain why open, unencrypted satellite transmissions should be considered "private" under the law, if my own transmissions are not.

Re:Odd...

[tnyquist83]

By your logic, if someone has a public conversation in Chinese, it should be illegal to listen to them since proficiency in the Chinese language is "special knowledge".

If you chose to send your personal information via Wi-Fi, cell phone, or other radio signal, you are sending that information as far as the signal will carry it to whomever is in range. If you were having a loud argument in your apartment, would you expect your neighbors to not listen in? If you send your personal information through someone else's private domain, or through the public domain (whether it is via sound wave, electromagnetic wave, or whatever), you have no reasonable expectation that people within range to receive that information aren't listening to it.

Hardline telephones are completely different as the lines themselves belong to the telecoms. If someone taps a phone line, they are tapping the phone company's private property. If you decide to broadcast to everyone in range, that's your problem.

Re:Odd...

[Elldallan]

What you're claiming is like claiming that someone has an expectation of privacy in public if they speak a different language compared to the national norm, it takes deliberate effort to intercept that discussion as well. You have to understand the language spoken.

Re:Odd...

[JoeMerchant]

I think there's a distinction to be made between the old unencrypted cellphones and modern WiFi.

Back in analog cellphone days, there wasn't much practical way of making the conversations private (SSB isn't much of an encryption...), so, to promote the industry, they legislated the bands "off limits" to common scanners & receivers. Didn't mean that you couldn't buy a scanner and modify it, but the act of modifying the scanner was in some way similar to "breaking into" the "private" bands. Owners of the cellphones had no practical method to "turn on" privacy for themselves.

By contrast, virtually all WiFi hardware commercially sold has at least some form of encryption available. Sure, a lot of it can be broken with minimal effort, but so can the front door of your house, or your windows. There is an expectation in society that "breaking" is "bad." If you're too lazy to lock your house and car, and perhaps leave the keys in the ignition, you're not going to get a lot of sympathy when something bad happens to your stuff, regardless of whether the perp was breaking the law, you made it far easier for them to target you than the average citizen.

What distresses me is the lack of end-to-end encryption in common commercial e-mail and chat programs, the tech was "out there" in 1989 when I took crypto in college... I guess it's no surprise that Facebook and similar exploitations of what used to be private data have done so well, people just don't seem to care if you read their mail.

Re:Odd...

[JoeMerchant]

I had a school principal leave me a voice mail on Vonage... she was shocked as hell when I forwarded the recording in an e-mail to a 3rd party. I asked her if she would have preferred me to paraphrase her in the e-mail? I thought it was important for the full communication to be passed on so I wouldn't distort her words, she was just pissed that what, in her mind, was a passing statement made to me was forwarded in recorded form to her management - she's the one who consented to record the message in the first place.

Re:Odd...

[JoeMerchant]

Transparent envelopes that anyone with a vague interest can look through, scan mass volumes of for words of interest, etc.

If you would at least take the effort to encrypt your message, it would "level up" the expectation of privacy significantly.

Re:Odd...

What in the bloody hell is a "reasonable person"? Ambiguous nonsense.

Re:Odd...

[russotto]

Compared to the tools needed to listen to somebody's internet traffic, the tools for tapping regular telephones are ridiculously simple. I can show you how to do it with a couple of alligator clips, a $0.25 capacitor from Radio Shack, and a $2.00 transistor radio.

The tools to listen to someone's unencrypted wifi traffic are the same as those used to use wifi in the first place.

Re:Odd...

[JoeMerchant]

It takes "special methods" to open most doors, you have to learn how to turn the knob or push the release lever. Just because internet communications are more complex, doesn't mean they are any less open than an unlocked door. For that matter, reading is a whole special skill required to understand written communication, takes years of learning - probably longer than it would take your average college grad to Google up the tools required to listen in on an open WiFi and start scraping out private communications.

"Breaking" occurs when you get out the lock picks, or start trying every one of a thousand possible key shapes that might open a lock. Just using ordinary, published standards is not the same thing as encryption, or locking a door, or sealing an envelope.

Re:Odd...

[JoeMerchant]

As simple as it may be to YOU, this is "technical" knowledge that the average citizen does not possess. It is the "average citizen" standard we must go by, not YOUR technical knowledge.

It appears that the judge disagrees with you.

Knowing how to listen to WiFi streams is a legal, and non-regulated, form of technical knowledge, not in the same realm as owning and operating lock-picks.

Re:Odd...

[thegarbz]

You're missing the context of your activity.

It can be reasonably assumed that every activity someone undertakes has an expectation of privacy in some way shape or form. I could be sitting here naked posting on slashdot and I definitely have an expectation of privacy. The same could not be said if I was sitting in my front yard, despite still being on private property. I have a reasonable expectation that when I whisper something in someone's ear at a shopping centre that no one else hears it, the same can not be said if I used a megaphone.

Likewise all computer related activities rely on your context. Would the person be startled? Hell yes. Give them the megaphone example above and then tell them there's a feature they ignorantly don't use which automatically scrambles their voice for everyone except the person who is supposed to hear the conversation.

Ignorance can hardly be forgiven in this case. Windows flashes up warnings about using unsecured WiFi connections when you first connect. It's hard to expect that a reasonable educated person can click yes to those warnings and then be surprised when someone is able to intercept their data.

Re:Odd...

[chill]

No, it is not nor was it EVER illegal to receive an in-the-clear satellite broadcast if you didn't subscribe. This is why "pay" channels were scrambled early on (hello HBO). This is why people used the big dishes (C-band). All the main feeds were unencrypted and available for the taking. The broadcasters had no legal recourse for in-the-clear broadcasts.

The airwaves belong to the public. While they are managed by the gov't to prevent chaos, if it is broadcast in the open it is fully legal to receive.

This is my point. It is NOT illegal to receive a signal in the public airwaves from public (or your own private) space. You may fully demodulate said signal, but it is illegal to circumvent ENCRYPTION.

You could make a case for what you're saying *if* the transmission required a patented codec to decode, and the hardware needed to decode it was under controlled distribution.

Wifi isn't such an animal. The 802.11 signal is a standard and you are covered by all patents when you purchase the receiving hardware -- a NIC, base station or your phone.

This is why a SECOND LAYER -- ENCRYPTION -- is needed for protection. Otherwise it is the legal equivalent of shouting in a public space. If I can hear you from your sidewalk, you have no expectation of privacy.

No, needing a technological device like a radio receiver doesn't matter. Not when it is a publicly available like a wifi receiver is.

If you set up a micro-FM transmitter in your home that reaches just outside to the street, I am fully within my legal rights to stand in the street with a portable radio and listen to what you transmit. You can scream that it wasn't intended for me all the time but that doesn't matter. THE AIRWAVES BELONG TO THE PUBLIC.

By the way, encryption in certain frequency bands such as Ham Radio is illegal. It *MUST* be in the clear, and ANYONE can purchase a receiver and listen legally.

Re:Odd...

[hairyfeet]

Actually put me in charge and old Hairyfeet would fix this shit RIGHT quick,copyrights too, ready? "Use it or lose it". You'd have X amount of time to actually have a product for sale, at a market competitive price and reasonable number of locations (to keep them from making a one off and asking $10 million for it just to say they had a product) or your patents and copyrights would go straight to PD, and no getting it back out either. that would get rid of those buying patents just to troll, buying IP away from devs only to never do anything with it, it would make the world a better place for you and me.

Re:Odd...

[Jah-Wren+Ryel]

...because listening to unencrypted cellphones is illegal.

IIRC that is because the cell phone companies lobbied for that to explicitly be in the ECPA (electronic communications privacy act) - they didnt want to implement encryption for costs reasons so they got guys like Newt Gingrich to create a legal fiction of encryption "for free" instead. I believe that bit Newt in the ass a few years later when someone illegally recorded some of his embarassing cell phone conversations and anonymously sent them to some news outlets.

Re:Odd...

[Jah-Wren+Ryel]

That's a very good analogy. Because in order to intercept someone's wifi communications, you need the technical knowledge and equipment, and to make a deliberate effort to do so. And you call that "public".

Equipment and knowledge no more sophisticated than required for pointing a camera at an open window and pressing the "record" button.

Re:Odd...

To expand on this, you would need to be a willfully ignorant person to expect that your communications over an open network were private. Windows users are warned of the risks by their operating system when attempting to connect to open networks.

Re:Odd...

To use your own analogy, it would be more akin to all of your personal information being written on your front door and the outside of your house; no need to step inside.

Re:Odd...

[detritus.]

Because it's on ISM bands that people can legally transmit and receive data on and the spectrum isn't licensed to any specific network.

Re:Odd...

[WaffleMonster]

The thing about our right of security is that it isn't about hardening. If I don't lock my door, that's not an invitation for you to come in and raid my refrigerator. If I write my papers in English, that's not an invitation for you to read them and walk off with my banking info or anything else. If a lady wears a dress, that's not an invitation for you to look up it. In all cases, the boundary can be trivially hardened: I can lock my door, I can write my papers in code, the lady can wear jeans. None of that has any bearing on the expectations of privacy, though -- the boundaries don't move.

The problem with this analogy is that big ole wifi beacon broadcasting its presence to the world with open arms. The analogy is very much like hanging a sign on your front door inviting members of the public inside.

Re:Odd...

[Deadstick]

The problem is that the law gave the illusion of privacy for cell phone calls rather than actual privacy - scanners that can listen to analog cellular were easy to come by even after the ban and there were a number of "private" cell phone conversations made public in the media even after the ban. Some scanners required a simple hardware mod

In fact, some popular scanners from Radio Shack and Bearcat had the cellphone band locked out by grounding one pin on a chip. The grounding was provided by a jumper wire on the circuit board -- and it was installed extra long, protruding about an eighth-inch above the board so it was easily found and snipped...

Re:Odd...

[sumdumass]

Not really. Otherwise the government could go to your ISP or even your computer and check your email on their servers with no probable cause or warrant if they weren't encrypted.

Encoding the email or even the transport layer is a good indication of an expectation of privacy. But the lack of that is not carte blanche for any snooping even though it is technically possible and easily done. As far as sysadmins, if the wire tap laws apply, they are only allowed to read the Emails as part of maintaining their network (unless it's a company email account as employment communications is different). There can still be an expectation of privacy when it is technically easy to spy on people.

The problem with unencrypted wifi is that there has been huge campaigns, even by the device and operating system manufacturers, to inform consumers that if you do not use one of the encryption services offered on the wireless devices, anyone can use the connection for anything including snooping on your network. This of course assumes that a normal person would be paying attention to the news and read the literature that comes with the devices and be somewhat informed of this. So does knowing that someone could intercept and read all communications from a device that isn't encrypted convey an expectation of privacy when it is used unencrypted? That was what the judge had to determine.

Re:Odd...

Actually put me in charge and old Hairyfeet would fix this shit RIGHT quick,copyrights too, ready? "Use it or lose it". You'd have X amount of time to actually have a product for sale, at a market competitive price and reasonable number of locations (to keep them from making a one off and asking $10 million for it just to say they had a product) or your patents and copyrights would go straight to PD, and no getting it back out either. that would get rid of those buying patents just to troll, buying IP away from devs only to never do anything with it, it would make the world a better place for you and me.

THIS. God yes, THIS.

Re:Odd...

[sumdumass]

By the very same logic, I can say that I could use my special knowledge and some lockpicks, and pick your door lock in only a couple of minutes.

Or more accurately, you could use a high gain parabolic microphone with amplifiers to record and listen to a conversation to far away to hear naturally and from a vantage point that allows your concealment from those under surveillance.

This is _not_ an easy black and white situation. Cops are allowed to go anywhere the public can go and often, if the public can go there, they can hide in other locations and conduct the surveillance without tripping over the 4th amendment even using technology to enable it because they could have been in or at the vantage point publicly accessible. This is even more muddled by the fact that it isn't the government doing the surveillance but a private company in attempts to use the information in a civil and not a criminal case. The 4th amendment might not even be in play which is why this was over federal wiretap laws. However, while this ruling says it is not wiretapping, Section 705 of the Communications Act â" âoeUnauthorized Publication of Communications.â makes it illegal to intercept communications for your own gain. It might still be in question as to whether the company can intercept the communications for the purpose of a law suit. This ruling just said it is not explicitly barred as wiretapping.

Re:Odd...

[kenorland]

...because listening to unencrypted cellphones is illegal.

That shouldn't be illegal either. It only became illegal because some stupid politicians were discussing embarrassing things on their cell phones and got taped. Traditionally, listening to wireless transmissions has been legal no matter what, and that was good.

Listening in to unencrypted wireless transmissions is not "unreasonable search and seizure", nor an invasion of privacy. You can't have an expectation that anything you _broadcast_ without encryption remain private.

Re:Odd...

[kenorland]

Just because you think it takes "special equipment" doesn't make it so. Just about any computer can listen in on WiFi traffic easily, with no special equipment and just a couple of mouse clicks. Likewise, traditionally, analog cell phone conversations didn't require special equipment to listen to, many receivers could receive it. To prevent reception of analog cell phone conversations, many manufacturers had to add extra hardware to their radios.

Anything you broadcast on the public airwaves should be there for anybody to listen to and record, without restriction. If you don't want it to be listened to, use a cable and encryption. The world does not owe you privacy on the public airwaves, and even less so on unlicensed bands.

Re:Odd...

[DMUTPeregrine]

Have you ever had a walkie-talkie? You set the channel, and anyone on the same channel can hear what you're saying, and talk with you. They have a broadcast range of several miles. There's no reasonable expectation of privacy. If you want privacy you buy a special walkie-talkie with a scrambling system, and make sure everyone you want to talk to has the same key. Then there IS a reasonable expectation of privacy, since it's very unlikely two people would chose the same key randomly, and brute-forcing it would take quite a long time.

Open WiFi is the same as open walkie-talkies, but with shorter range and data. There's no reasonable expectation of privacy.

Re:Odd...

[Sabriel]

What's considered "standard software"? If I were to put a user-friendly app on the apple and android app stores so that anyone (the "probably 98% of the community" you mention) could have a neatly tabulated output of the content of nearby WEP-protected traffic, what effect does that have on law enforcement from your described perspective?

Re:Odd...

If they're eating at "Mickey D's" they deserve anything they get. They're poisoning themselves with something that is claimed to be food but is without a doubt toxic waste.

Re:Odd...

[cykros]

It actually takes far less knowledge and far simpler equipment to tap a land-line telephone than to intercept wifi content. So by your logic, it should be legal to tap telephones. After all, the wires are right there in public. You can see them on the poles and running to the houses, with your own eyes. No electronics needed.

The difference here is that the wires are private property, and tapping them requires attaching something to them (feel free to correct me if I'm wrong about this Slashdot...this would surprise me). Radio waves, on the other hand, are not, and listening to them in no way affects any private property, but rather, is simply a matter of grabbing signal from a public radio frequency. There should be no problem with this.

The problem is that people are ignorantly using devices that transmit radio waves. It is similar to speaking about private matters in front of a microphone that is on, which a hypothetical subect owns and placed in front of himself in the on position because he didn't know what a microphone was, and then being surprised that his privately spoken words were audible to the public. This does occasionally happen in the world (though usually, not in as simple a way). It's embarassing, and may potentially cause problems. It's in particular a good anecdote for why people probably shouldn't use technology which they do not bother to first learn to use, lest they invite peril.

I'm not convinced that we need a law to protect ignorant use of tools. Tools that are dangerous to other people, we often require licensing to own or use (as in the case of automobiles and certain types of weaponry, among other things). But there isn't a good case to be made for requiring a license for using the technologies in question, as the risks tend to fall to the user, rather than those around the user (though I do believe anyone operating a computer-based service that egregiously mishandles customer information should be liable for the results thereof). Basically, I think people should probably recognize that like many tools, using wireless networking technology is not without risk. If they choose to educate themselves or not is up to them, but they should expect to have no one to blame for their ignorance but themselves. The alternative invites a very awkward legal future.

Re:Odd...

[grantspassalan]

Name one computer that comes from the factory with the necessary software to intercept and record unencrypted traffic from an open Wi-Fi? Anybody who wishes to intercept and record such Information from an open wireless network, must obtain special software for the purpose. This is easy enough to do, but such software does not come standard with any computer that I know of. Only a person with a nefarious desire to eavesdrop would go to such effort.

Re:Odd...

[fm6]

Foolish consistency, yada yada.

Fun fact: there's no magic fairy who goes around making sure all judicial decisions are consistent. Some decades ago, a technically unsavvy judge decided that analog cell phone users had an expectation of privacy, even though anybody could go to Radio Shack and buy a radio for listening in. He was never overruled, probably because nobody uses analog cell phones any more.

Now, a more technically savvy judge realizes that somebody who doesn't encrypt their signal shouldn't expect privacy. Why should he be bound by his predecessor? If the inconsistency is ever an issue, somebody will use it as a basis for appeal, but I predict that the appeals court will decide that the first judge simply didn't understand the case he was adjudication.

Re:Odd...

Please explain why open, unencrypted satellite transmissions should be considered "private" under the law, if my own transmissions are not.

Satellite uses licensed radio spectrum. Your wifi uses unlicensed public spectrum.

You're the one missing the point. If you have something sitting around in plain view of the public, acting as if it is fully usable by the public, then the burden is on YOU to somehow flag it or mark it off as for restricted use if you don't want people using it. If you setup a portable toilet next to a job site on the public street, it's perfectly legal for anybody to walk up and use it unless you put up a sign that says "Construction Crew Use Only".

When presented with 100 open, unsecured wifi hotspots, how the FUCK am I supposed to know which are the 99 I'm allowed to use and which is the 1 I'm not supposed to? There isn't a way, and the mere act of connecting to your hotspot means I'm "sniffing" your traffic.
Protect your fucking wifi, and stop expecting everybody else to bend over backwards to accommodate your wishes.

Re:Odd...

Name one computer that comes from the factory with the necessary software to intercept and record unencrypted traffic from an open Wi-Fi? Anybody who wishes to intercept and record such Information from an open wireless network, must obtain special software for the purpose

Sniffing is the act of intercepting the data in the first place, regardless of whether or not you're logging or doing anything else with it.

Only a person with a nefarious desire to eavesdrop would go to such effort.

I'm a network engineer, I do all sorts of traffic monitoring and none of it is done with nefarious intent. And just FYI, any average idiot can download, install, and launch wireshark so I'm not sure why you think it takes some kind of Herculean effort. You don't have to do anything else to sniff traffic other than connect to the wifi hotspot- it'll send you all the traffic even if you're not trying to receive it- that's how the technology works.

Re:Odd...

That's a shit analogy, however, because nobody is going into your house.

This is more like you putting up a sign that says "Open, come on in" and then getting angry when people who are not members in your private club show up inside. Well, you advertised you were open, you never restricted who could enter, or gave any other indication that access was supposed to be limited. Put up a sign, or hire a bouncer, or DO something to show that the service you're advertising in public is restricted in some fashion.

Your wifi device is shouting to the world "HEY!!! I'M HERE!!! COME ON IN!!!". If you don't want people walking in, turn off the broadcasts or just put a goddamn password on your wifi.

Re:Odd...

[Tastecicles]

expectation of privacy on a broadcast as opposed to a unicast...

important difference here: an open wifi network broadcasts its existence to all and sundry. Are you saying that detecting and identifying an open wifi network (before any payload data is even exchanged) is illegal? If not, then by extension of the fact that the door is open to transmit payload by the same carrier (open, unencrypted and with no lock), intercepting that payload is as legal as tuning in a transistor radio to a broadcast station. End of.

A cellphone broadcasts an open connect signal to the nearest two towers. This signal is interceptible and can be triangulated by anyone with the correct equipment. Nothing illegal about that, in fact carriers use this information for everything from location tracking (down to two or three feet) to relaying towers (say if you're moving at speed).

The big difference between a unicast and a broadcast is that a unicast uses some sort of security device to squelch out unwanted signal, also to isolate itself from other signals that the receiver hears it and nothing else, and nobody else hears it. Think of it as a five lever deadlock. It won't stop a determined burglar (wiretapper) but it'll stop honest people (Joe Schmo with a $100 scanner he uses to listen to civilian air traffic) from trying. The point is that if the intent is there (a lock) to stop unwanted eavesdropping, then circumventing that lock is breaking and entering (hence illegal). The only burden on the accuser is to show that the intent (lock) is there to prevent eavesdropping. If it isn't there, he has no case against anyone whose body or equipment that BROADCAST signal passes through.

What's weird about that whole analogy is this: it's not illegal to own a scanner in the UK, but it is illegal to operate one. The reason being, that modern scanners can not only discover WFM (Wide FM, ie broadcast) and NFM (Narrowcast FM, or personal/mobile radio) transmissions, they can also be programmed with CTCSS and DCS codes which act as squelch keys so they can be used to intercept (relative to broadcast) secure transmissions.

Since wifi equipment can be programmed with DCS to separate channels, does this mean that owning wifi equipment is legal but operating it is not?

I've gone cross eyed.

Re:Odd...

[marka63]

My Mac with factory installed software can dump entire communication streams which I use regularly to debug networking problems.

"tcpdump -i en1 -s 0 -X port 25" will show all the email being sent.

Re:Odd...

[Tastecicles]

any computer that comes equipped with wifi and the necessary software to connect to a wifi network!

Here it is on my computer as it came from the factory:

1. one copy of Windows 7 Home Premium
2. One wifi adapter
3. One copy of the Wireless Zero Configuration software libraries and the necessary libraries for actually making the wifi work
4. one browser.

NEXT!

Re:Odd...

[Tastecicles]

oh, to have mod points left and to not have already commented in this thread...

Re:Odd...

[Tastecicles]

PATRIOT is probable cause for Government agents to put a bullet in behind your ear these days, don't think for one minute they're above using the same or similar excuse to eavesdrop on your communications.

Re:Odd...

[shentino]

I think I have a reasonable expectation of privacy due to the existence of wiretapping laws that expressly prohibit meddling without a warrant.

The statute itself is my "no eavesdropping plz" notice to everyone, including the government.

Re:Odd...

[marka63]

I've got a digital wireless phone at home. One of selling points was that it encrypts between the handset and the base station. If I had bought a wireless phone that didn't encrypt the radio signal I would expect that it could be heard by anyone in range.

I've got a wifi at home. It encrypts communication between the wifi capable device and the access point. If I turn that encryption off I expect that anyone the has a wifi capable device is capable of reading the communication.

Re:Odd...

Nah, that's not the same at all. How hard is it to listen to an unencrypted cell? How hard is it to connect to an unsecured WiFi AP?

Re:Odd...

Doesn't even speak to the OP point. You clearly do have some knowledge of the subject matter. You've been taught the rules.

Re:Odd...

[Tastecicles]

Mine did.

~Windows 7 with WZC: check
~Browser: check.

All you need.

Re:Odd...

And so is WiFi traffic. While your WiFi might be open, and so it is easy for anyone to detect it or use it (anybody can see you using your cell phone, or borrow it if you let them), actually determining the contents of the communication (i.e., both sides of the "conversation") is another matter. Even your typical sniffer won't do that. It might record those contents but making sense of it takes further work.

My Mac comes with tcpdump built in. There are a thousand web pages describing how to sniff any network traffic, including wireless (really wireless is just a medium for transmission, nothing more). It requires nothing more than jumping on an unsecured network and using a command available on my system by default to read and store that data. If someone emails someone else without encryption, I can see the contents of that message with *nothing more exotic than this method*.

If I wanted to get fancy I could put on Wireshark (freely available, widely recognized) and reassemble the stream, but that is still within the realm of a web how-to guide. Still not necessary to read the contents of that data in a human-consumable form however.

Re:Odd...

[Chelloveck]

Nope, not buying it. If you're broadcasting your communications in the clear it's the same as speaking in a public place. Or if not truly "public", then a private place in which anyone can come and go at will, such as a grocery store. If you're discussing your medical problems in the produce section and I overhear them, it's not my fault. It's yours. Even if I intentionally sidle up next to you pretending to be interested in the rutabagas you're standing near just so I can be near enough to hear you, it's your own damned fault for talking about private stuff in a public place.

Same goes for wireless. If you're transmitting in the clear, don't be surprised when someone overhears you.(*)

Want to provide an open access point as a benefit to the neighborhood? Great! More power to you! But for cryin' out loud, encrypt your private conversations! Then you can have your private conversation in the public space you've set up. Or in the public space anyone else has set up.

(* Yes, I know that this contradicts court rulings intended to protect unencrypted cellphone conversations. I think those rulings are bad. The fact that they contradict rulings in similar cases regarding cordless land-line handsets indicates that something is wrong, in any case.)

Re:Odd...

[Jane+Q.+Public]

"By your logic, if someone has a public conversation in Chinese, it should be illegal to listen to them since proficiency in the Chinese language is "special knowledge".

Not even. Not the same thing at all. You only need someone who understands Chinese. You don't need special equipment or TECHNICAL knowledge.

"If you chose to send your personal information via Wi-Fi, cell phone, or other radio signal, you are sending that information as far as the signal will carry it to whomever is in range. If you were having a loud argument in your apartment, would you expect your neighbors to not listen in?"

You are making the same mistake that other poster did. You are conflating the signal itself with the communication content of that signal.

If someone shouted audible wifi packets through my wall, I could hear them but I would still not understand them. Deciphering the actual communication content of those packets would take special equipment, technical knowledge, and deliberate effort.

Re:Odd...

[Jane+Q.+Public]

"What you're claiming is like claiming that someone has an expectation of privacy in public if they speak a different language compared to the national norm, it takes deliberate effort to intercept that discussion as well."

No, it isn't. What you people are failing to get, is that in order to understand a wifi communication, as opposed to just detecting the signal, you need the right equipment and technical knowledge, and time.

To understand a conversation in a foreign language, you only need to understand the language.

I invite you to stand outside my house and listen, with no more than a cell phone or laptop with factory software, to my wifi signals all you want. You won't get very far.

Re:Odd...

[Jane+Q.+Public]

"If I were to put a user-friendly app on the apple and android app stores so that anyone (the "probably 98% of the community" you mention) could have a neatly tabulated output of the content of nearby WEP-protected traffic, what effect does that have on law enforcement from your described perspective?"

You already have that, if you have a Mac. Open a command shell and type in "Kismet".

And it has no bearing on my point at all. It might record, but by itself it doesn't decrypt anything or decipher the contents of the packets.

Re:Odd...

[Jane+Q.+Public]

"The difference here is that the wires are private property, and tapping them requires attaching something to them (feel free to correct me if I'm wrong about this Slashdot...this would surprise me)."

That is true, but that is not "the reason" that tapping telephones is illegal. It is illegal because it is an invasion of privacy. If it were not an invasion of privacy (the worse crime), I am sure you could get them on some kind of trespassing charge. But that's completely beside the point.

Re:Odd...

[Jane+Q.+Public]

Not even close.

You (like so many others in this thread) are confusing the idea of receiving signals from my wifi, with actually intercepting and understanding my own communications via wifi. Those are two different things.

My wifi is open. You could connect to my router. You could record the packets that come from it even without connecting to it.

But actually making sense of the content is a completely different matter. Without special software, at the very least, you can't see what web page I am browsing, or listen in to my Skype calls.

Re:Odd...

[Jane+Q.+Public]

"All you need."

NO, it isn't.

That is to say: you can detect and record packets, sure. But you can do that until the cows come home and still not be able to see what web page I am visiting, without more specialized tools and the knowledge to use them.

Re:Odd...

[Jane+Q.+Public]

"My Mac with factory installed software can dump entire communication streams which I use regularly to debug networking problems."

Great. So dump my traffic. But that still won't get you anywhere. Using just those tools, tell me what web page I was visiting.

You can't.

At the very most, you might tell what IP address I was receiving packets from. But that still doesn't give you the meaningful content of the communication. Especially if it were audio or video.

Re:Odd...

[Jane+Q.+Public]

"No, it is not nor was it EVER illegal to receive an in-the-clear satellite broadcast if you didn't subscribe. This is why "pay" channels were scrambled early on (hello HBO)."

My mistake. It is illegal to pirate the signal, but not to receive it.

Ham radio, however, is a completely different matter of regulation and law. It is hardly relevant.

Re:Odd...

[Jane+Q.+Public]

"Equipment and knowledge no more sophisticated than required for pointing a camera at an open window and pressing the 'record' button."

Which in most U.S. states would be illegal, which is kind of the point here.

But no. Most everyone in this thread has been failing to distinguish between the recording of packets, and actually determining what the contents of those packets represent.

You can get the signal. You can get the packets. But from there, to figure out who I was talking to on Skype, or what video I was watching, requires more sophisticated knowledge and equipment.

Re:Odd...

[Jane+Q.+Public]

"This ruling just said it is not explicitly barred as wiretapping."

I know. But I think the judge was wrong. He did not distinguish between the signal and its content.

Telephone analogy: courts have ruled that a "pen register" -- detecting when a telephone call was made, and its source and destination -- is not the same as a wiretap because it does not actually intercept the communication. Therefore the standards of evidence to get a pen register are a lot looser. You still need a judge's permission, and evidence, but not as much as for "probable cause", which you need for a tap.

In the same respect: detecting and recording packets can tell you the source and destination IP addresses... but by itself, it doesn't interpret the content of the communication. That requires more sophisticated tools. And, I argue, should have more stringent protection.

Another example: I can build a device that will let me hear conversations going on within someone's home, from half a mile to a mile away. Without any physical presence in the home or radio transmitters. (In fact they are relatively easy to make.) Should the use of it be legal? It makes use of physical phenomena that are publicly available to anybody. Even so, it is illegal for law enforcement to use one without a warrant.

But that brings us back to the kind of situation that many legal people label "perverse": the law allowing citizens to engage in forms of surveillance that are illegal for law enforcement.

Still, as I see it, that's better than the other way around.

Re:Odd...

[Jane+Q.+Public]

"Open WiFi is the same as open walkie-talkies, but with shorter range and data."

No, it isn't. You can connect to my open wifi router, but you still can't hear what *I* am saying, without special equipment. You can get the signals, and record the packets, but knowing what I am saying on my Skype call, or seeing the video I am watching, are very different things.

Re:Odd...

[Jane+Q.+Public]

"Just because you think it takes "special equipment" doesn't make it so. Just about any computer can listen in on WiFi traffic easily, with no special equipment and just a couple of mouse clicks. "

And like almost all of the people here who have argued with me, you failed to get the point.

It is one thing to detect or even record the signal and the packets. It is quite another to determine the contents of those packets and turn those contents into something intelligible.

The first part is easy. But it is also mostly useless by itself. If you want to get to the real communication content, there is a whole lot more work (and yes, special equipment) involved.

Re:Odd...

And to decode wi-fi packets you only need a wi-fi adapter and a program that understands wifiese (not some "special" supersecret program, just a common network testing tool).

What's the difference between special TECHNICAL knowledge needed to understand wi-fi transmissions and special HUMANITARIAN knowledge needed to understand Chinese?

You are conflating signal itself and communication content of that signal. If someone shouted audible Chinese through my wall, I could hear them but I would not understand them. Deciphering the actual communication content would not special equipment (Namely an ear. Yes, wi-fi adapters are as common as ears), humanitarian knowledge and deliberate effort.

Re:Odd...

[Jane+Q.+Public]

"This is why a SECOND LAYER -- ENCRYPTION -- is needed for protection"

And this is where you are missing the point. It is NOT the equivalent of shouting in a public space, because anybody can hear the shouting. You don't need special knowledge or equipment to intercept it.

Now, don't misunderstand me like those others did. Yes, the SIGNAL is very public and can be recorded by just about anybody with standard tools in their laptop. But the same is not true for the communication content of those packets. Your everyday tools will not make sense of that. That takes more work and more sophisticated tools, even if it is unencrypted. Otherwise all you are looking at is a meaningless bitstream.

You have to distinguish between the signal itself, and the communication content of that signal. Because there are legal differences.

For example: a "pen-register" can be attached to telephone switching equipment, and will record when a call was made, where it was from, and where it went. But the courts have ruled that it is not a wiretap, because it doesn't intercept the actual communication of the phone call. Therefore, pen registers (according to recent rulings) don't require the same standard of evidence to get as a wiretap does. A warrant based on probably cause is required for a wiretap. A pen register still requires a judge's permission, based on evidence, but that evidence does not have to meet probable cause standards.

So that is what I am talking about here. Sure, the signal is public and can be detected or recorded. But that is NOT the same as actually eavesdropping on me. Making sense of the actual content requires equipment and knowledge that is not common in the streets.

Re:Odd...

Dude, you're kinda like a deaf person trying to reason about spoken conversations. For umpteenth time, as others have already told you - there's nothing special about equipment and software needed to extract the contents of unencrypted wi-fi communications, it's as common as ears and speaking English. Compared to "speaking in Chinese" example higher in the thread, knowledge needed to read unencrypted wi-fi streams is hundreds and thousands times more common and discoverable than knowledge needed to understand Chinese (and Navajo speakers were officialy a special encryption device). Just because personally you don't know about it doesn't make it any more special than Chinese.

Re:Odd...

[Jane+Q.+Public]

Pardon the multiple posts, but I have had distractions.

"If you set up a micro-FM transmitter in your home that reaches just outside to the street, I am fully within my legal rights to stand in the street with a portable radio and listen to what you transmit. You can scream that it wasn't intended for me all the time but that doesn't matter."

Well, no shit, Sherlock. But that isn't what I was arguing.

Telephone wires are public, too. Does that mean I can tap them? No. (Now, don't go telling me it's illegal because they are private property. That is true, but that is not WHY it's illegal. The courts have made their reasoning very clear.)

So explain to me where any other difference is. I can tap into the line with no special equipment, and record everything going on. Easily. Hell, I can even wrap a current loop around the line and detect the signal without damaging the wires at all, or even touching them. So what's the difference?

I'll tell you where the difference is: a telephone call is a communication that is intended to be private. It is a point-to-point communication. Just as with your cell phone to your cell tower, or your laptop to your wifi router. It may BE public, as a matter of technicality, but the intent is that the communication is private. Your FM radio analogy is not valid, else it would be perfectly legal to intercept cell phone communications. But it's not.

"THE AIRWAVES BELONG TO THE PUBLIC."

No, they don't. That's a nice theory, but it doesn't work that way. The FCC presumably regulates frequencies and the like on behalf of the public, but that's pretty debatable considering how they auction off blocks to large corporations.

More to the point: states can and do regulate the reception of some frequency bands. For example, in some states it is illegal to receive police-band radio. And if they can regulate the one, then they can regulate the other. Both can be argued to be "in the public good".

Re:Odd...

[Tastecicles]

read GP again. My response is correct.

Re:Odd...

[Jane+Q.+Public]

"Dude, you're kinda like a deaf person trying to reason about spoken conversations. For umpteenth time, as others have already told you - there's nothing special about equipment and software needed to extract the contents of unencrypted wi-fi communications, it's as common as ears and speaking English."

Yes, people have told me, but they are wrong.

Go ahead. Use your "standard equipment" and sniff my unencrypted wifi packets. Then tell me what web site I was visiting, or what I was saying on my Skype phone call, or what video I was watching.

What's that you say? You can't? Why not?

Because making sense of the contents of those packets does not come automatically, or with "standard" equipment.

Get a clue yourself.

Re:Odd...

[chill]

No, in *radio* communications there is *NO* legal difference in receiving and decoding the signal.

The airwaves are public. You are fully allowed to received any signal that you can reach from your property or public property. Until the DMCA was enacted, you were legally able to unscramble to decode that signal to your heart's content.

Please understand this. At NO TIME was anyone EVER convicted of "pirating" satellite television for simply unscrambling a signal. THIS WAS LEGAL.

People were arrested for selling, manufacturing, distributing or importing prohibited equipment that did this. They were arrested for publishing information on how to do this (though I don't know if anyone was every convicted on this -- free speech and all). There were cases of running bulletin boards that discussed how to do this.

BUT NO ONE WAS EVER CONVICTED OF A CRIME OF RECEIVING OR UNSCRAMBLING A SIGNAL.

Until the DMCA (1998), this was essentially fully a legal right. There was nothing to charge people with.

Note: Pirating cable television is different. You had to physically attach to the cable. That is a crucial difference.

Ditto in intercepting old analog cellular communications. People were only ever charged with RECORDING the signals, not just intercepting them. The law instead went after the Radio Shack (and other) receivers, making it illegal to import, distribute or manufacture them -- but NOT illegal to OWN or USE them. Old sets were grandfathered in and fully legal to own and use. [47 CFR Part 15.37(f) -- implemented in 1994]

The communication content you are talking about in those packets are all based on public standards and commonly available tools.

You seem fixated on the need for equipment and knowledge, and that has nothing to do with it.

The law addresses only content protected by a method of ACCESS CONTROL, which simple protocols such as SMTP or POP3 are not.

Skype is encrypted communications and has an access control. Under the DMCA it is thus illegal to circumvent.

SSL-encrypted communications fall under the same law.

As far as I can determine, the State laws all revolve around DISCLOSING information gathered by eavesdropping -- not the act of eavesdropping itself.
http://www.ncsl.org/issues-research/telecom/electronic-surveillance-laws.aspx

In short, I can listen to any damn thing I want. I can decode it all day long. I just can tell anyone. However, there is no law against me acting on the information I overhear as long as I don't disclose the information itself. (Insider Trading and the like notwithstanding.)

Please point me to an actual law -- preferably Federal, as I haven't chased down all 50 States -- that says the contrary.

And FYI, I was a telecom engineer for over a decade and spent the last 2-3 years supporting CALEA projects. I had several in depth conversations with lawyers specializing in this field as well as agents of several law enforcement agencies, both Federal and State/Local when seeking guidance on how EXACTLY to implement software wiretap solutions.

I am very interested in this subject.

Re:Odd...

[Jane+Q.+Public]

"read GP again. My response is correct."

Pardon me. Technically you are correct. GP was wrong.

But MY argument, all along, has been about the content of those packets.

You can detect and record packets all day long, and it won't do you much good. Without "special" equipment (software, particularly) the content of the packets is just going to be bitstream gibberish. Standard tools won't help you with that.

Re:Odd...

[Jane+Q.+Public]

Hey, chill: chill.

I already admitted my mistake in that regard. You are arguing with nobody.

However:

"The airwaves are public. You are fully allowed to received any signal that you can reach from your property or public property. "

Absolute bollocks. It is against Federal law to intercept cell phone communications. Those are RADIO, in case you hadn't noticed.

And, as I already mentioned, some states regulate what radio bands you are allowed to legally receive.

I'm not even going to bother with the rest of this.

Re:Odd...

"What sites you was visiting" is easy. Skype is not - because it does add an encryption layer. So, Skype is private even over unencrypted wi-fi. Your web browsing and mail sent without TLS encryption over same wi-fi are not.

Re:Odd...

[Jane+Q.+Public]

"not some "special" supersecret program, just a common network testing tool"

And "common network testing tools" are NOT common. Probably better than 99% of the populace don't even know what they are.

I never argued that it had to be "supersecret" or some kind of great fancy thing. That's not the point. In law, you have to consider the COMMON person, not your typical Slashdot geek.

Re:Odd...

[chill]

Sigh... sorry. I've been following the various laws regarding this for years as it is both a personal and professional interest to me.

Thanks.

Re:Odd...

[Jane+Q.+Public]

""What sites you was visiting" is easy."

No, it isn't. Unless you follow the whole bitstream, all you'll get is the IP address. But there can be many sites on an IP address.

If it's so easy, let's see you do it. With nothing more then OEM, factory software and hardware.

Explain your methodology, and post your results online. I would be VERY interested in seeing this.

"So, Skype is private even over unencrypted wi-fi. Your web browsing and mail sent without TLS encryption over same wi-fi are not."

"Unencrypted" is not the same as "obvious". Go ahead. I invite you to try it on someone. Let us know how it works out.

Re:Odd...

You might wish to google for "wireshark". It's an extremely "special" program routinely used by lots of different people for different purposes - network diagnostics, audit, and yes, sniffing - that can make sense of contents for lots of protocols. It was downloaded 2000 times last week just from Sourceforge site. Most Linux distros have it in their official repositories. You're much, much more likely to be no more than a hundred meters away from a Wireshark user than from a Chinese speaker.

Re:Odd...

[Jane+Q.+Public]

"You might wish to google for "wireshark". It's an extremely "special" program routinely used by lots of different people for different purposes - network diagnostics, audit, and yes, sniffing - that can make sense of contents for lots of protocols."

I've been using Wireshark for years. But that's completely beside the point.

Wireshark is a "special tool" that takes "more knowledge than the common citizen" to use effectively.

It doesn't matter how easy it is to get, any more than it matters how easy it is to get lockpicks. It's whether you have the knowledge and skill to use them. And most people -- the VAST majority of people -- don't.

People here on Slashdot keep insisting on judging others in terms of themselves. But in law, you can't do that. You have to use the COMMON person as the standard. I doubt more than 0.5% of The People have ever even heard of Wireshark.

Re:Odd...

[Tastecicles]

Millions of people use Microsoft Word. That doesn't make most of them experts. In fact, I've never seen it used either effectively nor efficiently*. Should it too be considered a specialised tool because of its complexity/feature-flood? I say yes. Is it something I would consider using?

No. I'm not prepared to fork out X amount for what's really just a glorified typesetter app with features 99% of users don't use and/or don't know how to use. I don't need the Peltzer Bathroom Buddy if all I want to do is knock in a nail.

*FWIW, I use a plaintext editor for compositions, and simple markup for formatting *after* the content is done. I say simple markup, it's XML, usually, depending on where it's intended for (sometimes I use a postscript editor). For me, that's efficient.

Re:Odd...

[Jane+Q.+Public]

"In fact, I've never seen it used either effectively nor efficiently*. Should it too be considered a specialised tool because of its complexity/feature-flood? I say yes."

No, that is not even remotely the criterion I was using. I was referring to tools that may be common in "the industry" but that most people do not know about at all.

By that standard, Word is exactly the opposite of what I was talking about: everybody knows about it, and most people can use it to at least some degree.

Re:Odd...

You recently rejected privacy expectations for "people talking in Chinese". It's extremely UNcommon for people to know Chinese (except for in China).

It doesn't matter how easy it is to get a Chinese self-help book. It's whether you have the knowledge and good ear to use it.

No, really, you keep repeating "it needs special knowledge" for wi-fi, what's special about five minutes in google about network sniffing, and what's not special about learning a whole foreign language?

Re:Odd...

It's interesting that if you're not aware you can easily publish private info with Word - I forgot the exact name of the function to make Word keep the history of edits, but there were a few scandals when people found interesting bits in redacted portions of Word document.

It's uncommon knowledge - see, even I don't remember where to find it - so information revealed with this button should be qualified as privacy intrusion, right?

P.S: Before arguing that, you should produce a poll about people's knowledge about WiFi protection and people's knowledge about Word's redactions (You probably will also be amazed by how many people don't even know what's a why-fye (and what's a redaction))

Re:Odd...

[Jane+Q.+Public]

"P.S: Before arguing that, you should produce a poll about people's knowledge about WiFi protection and people's knowledge about Word's redactions (You probably will also be amazed by how many people don't even know what's a why-fye (and what's a redaction))"

That's probably true. But I don't feel obligated to try to prove absolutely everything. In my experience most people barely know how to get their own wifi working, and wouldn't know a sniffer if it were sniffing them in the crotch.

Re:Odd...

[Tastecicles]

yeah, I remember that... notwithstanding my previous post.

It's called "versioning" and it was left out of Office 2007. It was replaced with a downloadable package called Office Migration Planning Manager, which includes a Version Extraction Tool so you can save previous versions in Office 97-2003 documents as separate files.

That said, Versioning is still a feature available in Sharepoint, whatever the hell that is.

Re:Odd...

[Jah-Wren+Ryel]

Which in most U.S. states would be illegal, which is kind of the point here.

Citation required. Here's mine:
if you leave your drapes open, you shouldn't expect that no one will look in. You have no legal expectation in this case. Neither do you have an expectation that you won't be filmed -- if the person filming is standing where it's legal for her to stand, such as on the street or sidewalk.

But from there, to figure out who I was talking to on Skype, or what video I was watching, requires more sophisticated knowledge and equipment.

Anything can be automated in software. I think that automating focus, white-balance, exposure, etc is at least as complicated as parsing skype packets.

Re:Odd...

+97

Re:Odd...

[Jane+Q.+Public]

In my state -- I'm not going to tell you which one it is, because I don't discuss my location on Slashdot -- open curtains or not, if someone actively watches you through the window in order to determine what you are doing inside (as opposed to, for example, merely glancing in while walking past), it constitutes "illegal surveillance" and it is a prosecutable crime.

You can believe it or not, as you choose, but I promise you that is the case.

Of course, you should not expect someone to not "look in", and you do not have a reasonable expectation of privacy in public. I am well aware of that. But looking in the window is one thing. But actively watching through the window in order to observe my activities inside, or watching through binoculars, or recording with a camera is indeed illegal here.

Re:Odd...

[Sabriel]

Sorry, that's what I meant - a user-friendly app that presented a neatly tabulated output of the deciphered content of nearby WEP-protected traffic.

"Black Hat Siri, tabulate nearby LAN traffic and announce items of interest"
"Decrypting... IP123 is downloading email (context AI suggests mid-level executive)... IP321 is banking with Acme bank (old TLS detected, exploit available)... IP456 is surfing porn (old TLS detected, exploit available)... IP987 is running MITM exploit against IP321.... IP989 is streaming webcam (remote exploit available)..."
"Black Hat Siri, display locations of IP321, IP987 and IP989 on local street map."
"Displaying."

Re:Odd...

[Jah-Wren+Ryel]

In my state -- I'm not going to tell you which one it is because I don't discuss my location on Slashdot

You are lying. Out right lying. How do I know? You did not have to tell me you live in the state, all you had to do was cite the state's laws. You made up a barrier to justify failing to provide testable proof for your claims. You could not be more disingenuous.

Re:Odd...

[marka63]

It's very easy to see what page you are looking up unless you encrypt the traffic by using HTTPS. HTTP sends the requests in ASCII and tcpdump will happily display the entire packet in both hexadecimal and ASCII forms.

tcpdump -i en1 -s 0 -X port 80

10:31:22.661164 IP 192.168.191.223.62650 > 216.34.181.45.80: Flags [P.], ack 1, win 33304, options [nop,nop,TS val 1494640011 ecr 2912268514], length 721
        0x0000: 4500 0305 66ba 4000 4006 c360 c0a8 bfdf E...f.@.@..`....
        0x0010: d822 b52d f4ba 0050 4555 d596 dcb5 00b1 .".-...PEU......
        0x0020: 8018 8218 871f 0000 0101 080a 5916 658b ............Y.e.
        0x0030: ad95 b0e2 4745 5420 2f20 4854 5450 2f31 ....GET./.HTTP/1
        0x0040: 2e31 0d0a 486f 7374 3a20 736c 6173 6864 .1..Host:.slashd
        0x0050: 6f74 2e6f 7267 0d0a 5573 6572 2d41 6765 ot.org..User-Age
        0x0060: 6e74 3a20 4d6f 7a69 6c6c 612f 352e 3020 nt:.Mozilla/5.0.
        0x0070: 284d 6163 696e 746f 7368 3b20 496e 7465 (Macintosh;.Inte
        0x0080: 6c20 4d61 6320 4f53 2058 2031 305f 375f l.Mac.OS.X.10_7_
        0x0090: 3429 2041 7070 6c65 5765 624b 6974 2f35 4).AppleWebKit/5
        0x00a0: 3336 2e32 3520 284b 4854 4d4c 2c20 6c69 36.25.(KHTML,.li
        0x00b0: 6b65 2047 6563 6b6f 2920 5665 7273 696f ke.Gecko).Versio
        0x00c0: 6e2f 362e 3020 5361 6661 7269 2f35 3336 n/6.0.Safari/536
        0x00d0: 2e32 350d 0a41 6363 6570 743a 2074 6578 .25..Accept:.tex
        0x00e0: 742f 6874 6d6c 2c61 7070 6c69 6361 7469 t/html,applicati
        0x00f0: 6f6e 2f78 6874 6d6c 2b78 6d6c 2c61 7070 on/xhtml+xml,app
        0x0100: 6c69 6361 7469 6f6e 2f78 6d6c 3b71 3d30 lication/xml;q=0
        0x0110: 2e39 2c2a 2f2a 3b71 3d30 2e38 0d0a 4163 .9,*/*;q=0.8..Ac
        0x0120: 6365 7074 2d4c 616e 6775 6167 653a 2065 cept-Language:.e

audio and video are not much harder. The Mac comes with all the tools
required to display / play back audio and video and it is trivial to take a
stream captured with tcpdump and extract the payload, write it to disk
then play it back.

Re:Odd...

[Jane+Q.+Public]

No, I am not lying. But I'm not going to cite the state's laws, because then you could tell what state it is. The laws are not identical, you know.

As I said before: it's true, and I could prove it, but I am not going to. You can believe it or not. I don't owe you anything and I have very good reasons for not citing anything verbatim.

Re:Odd...

[Jane+Q.+Public]

By the way: I considered making some insignificant changes to the wording of the laws and posting them here for you anyway, but when I took the changed versions and put them in Google it led straight to my state.

You may think I am being paranoid, but you try being a woman who speaks up, in this kind of forum. I already have one person I consider to be borderline harassing me, and I am beginning to suspect him of "cyberstalking".

Re:Odd...

[Jah-Wren+Ryel]

You may think I am being paranoid, but you try being a woman who speaks up, in this kind of forum

What part of, "You did not have to tell me you live in the state" do you fail to understand?

You are particularly pathetic in trying to frame this as some sort of personal safety issue. If you really gave a damn about your safety you would never have even considered mentioning that you live in this mythical state to begin with.

You have utterly ruined your credibility in this debate with such transparently disingenuous claims.

Re:Odd...

[marka63]

Except there never has been the expectation that communication on the Internet is private without encryption and identification of the party you are talking to. The public has been told this repeatedly for the last two decades. This is one of the reasons people are told to use HTTPS when connecting to banks.

Re:Odd...

When you have a conversation in a public place there certainly is an expectation of privacy unless you are deliberately addressing a crowd. We customarily think it's rude to overhear an argument between spouses, for example, and the polite thing is to walk away.

The expectation of privacy is set by the address header on the email, not by the communications medium. If it isn't addressed to you it's none of your business. The fact that you may overhear it is irrelevant. Even if you did, that would be hearsay, especially if you did not have enough of the message to share the context.

Not everyone that says "fire" is referring to a gun.

This is just one more creeping attack on privacy by government.

Re:Odd...

Absolute bollocks. It is against Federal law to intercept cell phone communications. Those are RADIO, in case you hadn't noticed.

No it is not. What is illegal is sharing the intercept with anyone else.

Re:Odd...

[Jane+Q.+Public]

"What part of, "You did not have to tell me you live in the state" do you fail to understand?"

Hahahaha! I had already told you it was my state. What part of "water under the bridge" do YOU not understand? However, it's good advice and I will keep it in mind if I decide to make similar statements in the future.

"You are particularly pathetic in trying to frame this as some sort of personal safety issue."

And you can just fuck off, asshole. You know nothing about my personal situation or my reasons, so you have no place trying to second-guess me in that regard. You don't know the slightest thing about me and pretending you do ruins YOUR credibility.

"You have utterly ruined your credibility in this debate with such transparently disingenuous claims."

Your opinion that my statement was disingenuous is just that. An opinion.

The law in this state -- which the courts have upheld -- say that "covert surveillance" is illegal, even if it is through the front window with the curtains wide open. And it further states that "surveillance" is any "watching" in order to determine my activities or invade my privacy. They further ruled that a home is a place where one might have a reasonable expectation of privacy from that surveillance. (Repeat: surveillance is NOT the same thing as glancing in the window. It is deliberate "watching" without my knowledge or permission. A camera pointed in the window most definitely qualifies, unless I knew about it and gave permission. You can ask the guy who went to prison a couple of years ago all about it.)

BUT -- as I say: you don't have to believe me. You are entitled to your opinion. But you have no sound basis for arguing with me, either. Your guesswork has no more credibility than you say my statements do.

So believe it if you want, or don't and fuck off. I don't really care.

Re:Odd...

[Jah-Wren+Ryel]

Hahahaha! I had already told you it was my state.

No, you did not. Is there some other place you wrote that in this thread? Because I sure didn't see it until you volunteered as a way to avoid actually providing a citation.

What part of "water under the bridge" do YOU not understand?

I dunno, the part where you never actually wrote "water under the bridge" until just now.

And you can just fuck off, asshole.

Yeah, whatever. You are clearly delusional -- unable to support your position with anything more than wishes.

Re:Odd...

[Jane+Q.+Public]

"No, you did not. Is there some other place you wrote that in this thread?"

Are you thick-headed? I was referring to my very first statement: "In this state."

Your opinions about my motivation for not telling you what state it is are nothing more than guesswork on your part, and rather assholey guesswork at that.

"I dunno, the part where you never actually wrote "water under the bridge" until just now."

You didn't even get what I meant by that, did you? Sheesh.

"You are clearly delusional -- unable to support your position with anything more than wishes."

I told you right up front that I wasn't going to tell you that part. If you think any of your insulting, asshole comments are going to get me to change my mind, it is not me who is delusional here.

You might as well just drop it. You haven't made any points for your argument and I am not about to change my policy for your sake.

Re:Odd...

You know nothing about my personal situation or my reasons, so you have no place trying to second-guess me in that regard. You don't know the slightest thing about me and pretending you do ruins YOUR credibility.

If you don't want people judging you personally, then leave your fucking personal life out of the discussion.

Your personal situation was and is totally irrelevant to your point. But you brought it up and then you used it as a excuse for failing to support your argument.

You are really pissing me off here because you are acting out the worst sexist stereotypes of women: completely irrational, expecting special treatment and unable to keep a single thought straight in your head for more than a couple of minutes and then getting hyper-emotional when called on it.

You are the kind of woman who makes it that much harder for the rest of us women to be judged on our abilities instead of the same old, ugly stereotypes you've spent the day reinforcing right here. Shame on you.

Re:Odd...

[Jah-Wren+Ryel]

Are you thick-headed? I was referring to my very first statement: "In this state."

Your very first statement, where? Link to it. Because the only time I saw you say it was, "In my state -- I'm not going to tell you which one it is, because I don't discuss my location on Slashdot" i.e. as part of the very same sentence trying to excuse yourself from providing a citation.

BTW, what you originally wrote was "in most US states would be illegal" - if that were true you should be able to provide a citation to the law in another one of those 26+ mythical states. Since all you do is hide behind claims of being cyberstalked it seems pretty obvious that you are wrong, that you know you are wrong and that you are desperate to flim-flam your way out of admitting you are wrong.

You didn't even get what I meant by that, did you? Sheesh.

You meant that "it is water under the bridge" but you thought you would be clever and mimic my earlier statement. The thing is, you don't seem to understand that what I wrote was a standard form of insult that only works when you quote something already written once before. Since you did not actually use the words "water under the bridge" before that (nor, as far as I can tell, even the concept), your mimicry just became a display of your ignorance.

Re:Odd...

[kenorland]

And like almost all of the people here who have argued with me, you failed to get the point.

No, you fail to get the point. By making the distinction between "detection" and "turning into something intelligible", you are saying that you want the government to regulate in detail what the software on my computer may and may not do with data that I legally obtained. That is an extremely bad and dangerous principle.

And we simply don't need to establish this principle: there is no need for the government to protect people who use unencrypted WiFi from their own stupidity. The dangers are overblown anyway, since important communications are protected through SSL anyway.

If you want to get to the real communication content, there is a whole lot more work (and yes, special equipment) involved.

You don't know what you're talking about.

Re:Odd...

[burning-toast]

Name one computer that comes from the factory with the necessary software to intercept and record unencrypted traffic from an open Wi-Fi? Anybody who wishes to intercept and record such Information from an open wireless network, must obtain special software for the purpose. This is easy enough to do, but such software does not come standard with any computer that I know of.

How about Mac OSX laptops which ship with tcpdump by default? I don't think you should argue from a point of ignorance. Just because you don't know something to be true doesn't mean it isn't.
http://support.apple.com/kb/HT3994

Only a person with a nefarious desire to eavesdrop would go to such effort.

Well, I must be pretty nefarious for having diagnostic tools like that on all of the machines I own then. I should preemptively turn myself into the authorities before I accidentally capture innocent packets.

- Toast

Re:Odd...

[burning-toast]

I couldn't help but notice that you have made a vast number of posts arguing with various people about this issue. Maybe time to walk out in the sunshine and breathe a little bit of fresh air.

Consequently, you may have overestimated how private unencrypted radio communications are or ever have been considered to be.

Even police scanners work off of the same principals you see at work here. Various police departments tried to ban people from using them, but since they were broadcasting a regular analog signal over radio waves they were struck down by the courts. Much of NASA's transmissions can be listened in on for the same reason as well if I'm not mistaken. If it's open communications, analog or digital, which transmit over the airwaves; then consequently you cannot be punished for receiving, decoding, or even recording those communications. There is no expectation of privacy surrounding unencrypted radio signals (analog or digital). The only relevant laws about this is that you cannot interfere with those communications (no transmitting on police or NASA bands for example). You cannot be prosecuted for receiving anything on any airwaves (only transmitting IIRC). It's only when you try to break encrypted communications systems that you can be prosecuted for other crimes (revolving around that act, not possessing the receiver).

If you visit web pages and send e-mail over open (unencrypted) WIFI without using a higher level encryption (HTTPS, SMTPS, etc) then it is EXCEEDINGLY easy to see or reconstruct your entire communication without any specialist tools (software or otherwise). It is transmitted in plain text!

Also, I fail to see how securing FREE applications (especially for FREE operating systems) and learning to use them by means of FREE Google searches or man pages exactly makes them specialist tools. ANYONE with an interest can pickup the tools and learn how to use them for free.

You may be right that it would require specialized tools to reconstruct something like a YouTube video stream (which probably has been done by now). But that is just a matter of someone reverse engineering the protocols behind it, not cracking specific messages. It would not require specialist tools on the same order as what would be necessary to crack encryption protocols. Cracking a protocol in order to be able to decode it is VASTLY different than cracking the encryption to gain access to a specific data flow.

The laws also reflect this. If you transmit something in plain text over the air waves then don't expect the law to protect the privacy of that message, you are the one being the fool. If you encrypt either the link or at least the message then you can be reasonably certain there is privacy. If you don't know the difference between plain text, barely obfuscated plain text (protocol unknown, but data legible / compilable), and encrypted messages then apparently you have missed 2,000 years of history which is no ones fault but yours.

- Toast

Re:Odd...

[icebraining]

OK! Using MacOSX (or is that too specialized for you?):

cd /tmp
sudo /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport sniff // wait a few minutes/hours/etc
  CTRL+D to stop
grep 'GET .* HTTP' airportSniff*.cap

Now what?

Re:Odd...

[icebraining]

Oh, please. It's just ASCII, you can "decrypt" that with Notepad! Search for "GET" and you can see each and every HTTP request in clear text, and they all include the Host: header with the domain.

Just try it: capture some packets, open the file with a text editor and search for GET. It's all there.

Re:Odd...

Chill has it exactly correct!!! Case in point: in the late '80s (or early '90s, I don't remember which and am too lazy to google it) the FCC took the EXTREME step of making simply intercepting (or, to be accurate, the wording we *should* be using: receiving) cellular calls illegal, to the extent of even forcing scanner manufacturers to remove the cellular bands from user access. This was a HUGE deal back in the day in the wireless and law enforcement communities. IMHO, it was totally illegal, but since some senators and house members had some (ahem) embarrassing cell conversations made public via receptions, they were able to push it through Congress. Added to that, the cellular companies at the time whined that it would just be too darn expensive and cut too deeply into their profits to encrypt all communications (thus creating an illegal wiretapping situation under then-current law). This situation also helped law enforcement in the long run, because it left cell comms unencrypted and thus still easy to wiretap with a warrant.

Note that they did NOT make the reception of "all unencrypted wireless communications" illegal, ONLY CELLULAR COMMUNICATIONS! Leaving *all* the rest of the spectrum open for reception, unless the user took action to create a private communication path using encryption.

The FCC has never recreated this situation, and has never gone back to Congress to add WiFi or any other type of unencrypted transmission illegal to receive like cellular. The cell companies are to this day operating under this advantage. The pay-TV industry would LOVE to have had this advantage as well, but the FCC did not have the leverage they had in the cellular case to push it though Congress.

Re:Odd...

Not in my state. You only need the consent of one person. That's me and my scanner;

The FBI would like to thank you for bringing this loophole to our attention. We had no idea that we could legally listen in on conversations between you and your friend by simply giving ourselves permission to do so. Outside of getting a warrant, we thought the only other legal method involved getting the permission of one of the parties to the conversation. Silly us.

Re:Odd...

That don't need a warrant. I've had a few of my letters & packages opened and resealed.

That's some funny logic you're using there. "I have had letters and packages opened and resealed, therefore the government did so without a warrant". That's like saying "my phone was wiretapped, therefore the government did it without a warrant", or "my car had a tracking device attached to it, therefore the government did it without a warrant".

I'm sure it must be uncomfortable to imagine that the government just might have something on you, enough to justify a search warrant against you, but it is far more likely that they have something on you rather than they don't need a warrant to search your mail.

I will, however, grant you that they may have ignored the requirement to get a warrant, and searched your mail illegally. But you clearly believe that they may legally search your mail without a warrant, so I'm only including this as a footnote.

Re:Odd...

[Jane+Q.+Public]

"Because the only time I saw you say it was, 'In my state...'"

Jeez. Pardon the hell out of me. It was "in my state" rather than "in this state". I am all fucking corrected now.

"what you originally wrote was 'in most US states would be illegal'"

Yes, and I do believe that pointing a camera covertly through somebody's window would be illegal in most states. I could be wrong... I was using my own state as a model.

"You meant that "it is water under the bridge" but you thought you would be clever and mimic my earlier statement. The thing is, you don't seem to understand that what I wrote was a standard form of insult that only works when you quote something already written once before. Since you did not actually use the words "water under the bridge""

No shit, Sherlock. Wow, what a genius. If you think I did it out of "ignorance", you are very much mistaken. Sure... maybe you didn't appreciate the joke, but then I get the impression you would not have liked anything I wrote.

Re:Odd...

[Jane+Q.+Public]

"Even police scanners work off of the same principals you see at work here. Various police departments tried to ban people from using them, but since they were broadcasting a regular analog signal over radio waves they were struck down by the courts."

The laws may have been overturned in regard to home reception, but a number of states still outlaw the reception of police-band radio in a vehicle.

It is also against Federal law to intercept cell phone transmissions. That's radio, too, over the "public" airwaves.

"If you transmit something in plain text over the air waves then don't expect the law to protect the privacy of that message, you are the one being the fool."

Just no. If you transmit that text with a cell phone, it is protected by Federal law. A cell phone is a radio and the signal is public. And in many circumstances the the content of your cell phone communication is not encrypted.

"If you don't know the difference between plain text, barely obfuscated plain text..."

I know the difference very well, thank you very much. You haven't been paying very close attention to what I have been saying. But really, that's not the main point anyway and it doesn't matter very much. The main point here is that there is solid legal precedent for -- there is existing federal law -- outlawing the reception of unencrypted, "public" airwaves, where that communication is intended to be private.

Re:Odd...

[sumdumass]

I understand where you are coming from and agree with the principle behind it. However, it should be noted that only a law could bar you from doing something. The natural rights of a person to be secure in their home do not necessarily have a legal meaning within the context of the law. Constitutional protections of these rights generally only bar government from violating them.

For instance, If a cop walks up the side walk, onto your drive way and up to your front door using only paths and expected routs that the public would be expected to use in an attempt to contact you, anything he can hear or see in the process is generally exempt from the 4th amendment process. Now if he leaves the path and looks through a window without a warrant or sufficient probable cause, then 4th amendment kicks in strongly. The same is the case with a citizen who isn't restricted by the US Constitution. If you hear or observe something in the same way, it is fair game. If however you leave the path, most state's have laws concerning peeping through windows (mostly aimed at perverts) and trespassing and so on that already bar this activity.

So we have laws that bar cops from something but doesn't necessarily bar citizens from doing it. The problem is that unless the law specifically bars you, you can assume your activities are legal. That is what happened here. A private company asked if a specific law specifically barred them from doing something and the court said that specific law does not specifically bar you because of X. That still doesn't mean it is legal because another law or regulation could bar that specific activity, just not the one questioned.

Re:Odd...

[Jah-Wren+Ryel]

Jeez. Pardon the hell out of me. It was "in my state" rather than "in this state". I am all fucking corrected now.

You are so all over the map that you don't even remember why you brought it up on the first place do you?

I get the impression you would not have liked anything I wrote.

I would love to have heard the one thing that would have made a difference - a reason to believe what you claimed. All this back and forth has been because you refuse to put together a supported argument.

You brought all kinds of personal baggage into it, but the one thing you couldn't make the effort for was to produce proof to support your claims.

Re:Odd...

You keep citing that web page but I'm pretty sure you haven't read it.

(g) It shall not be unlawful under this chapter or chapter 121 of this title for any person—
(i) to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public;

Based on what you've written before you will now be reduced to arguing that deep packet inspection is not "readily accessible" - that falls apart once you realize that access does not imply understanding. This law says nothing about the complexity of parsing the bits, only if the bits can be accessed, and that they can, quite easily.

Re:Odd...

The laws may have been overturned in regard to home reception, but a number of states still outlaw the reception of police-band radio in a vehicle.

Lol. You've now given away what state you live in.

Re:Odd...

"The airwaves are public. You are fully allowed to received any signal that you can reach from your property or public property. "

Absolute bollocks. It is against Federal law to intercept cell phone communications. Those are RADIO, in case you hadn't noticed.

Wow, Jane, you are indeed being a smartass here. As far as your quote about cell communications, it is not pertinent, because it is a specific restriction for *ONLY* cell communications, no other radio comms. Period, end of story, it was a softball toss to the wireless cartel and law enforcement to simplify legal wireless wiretapping and keep profits up by not having to encrypt all cell communications.

So, enough with the smartass statements. Radio reception (note the verbage here: it's not "interception"), unless encrypted (in other words, willful methods implemented to show receivers the intent to provide or create a private communication path, even using simple and BREAKABLE encryption) or the one exception in US law: cellular communications, is NOT PROTECTED UNDER THE LAW! Never has been, never will be. At least, in this country (the USA), which considering some of the words you are using (ie: bollocks), you may not be familiar with US law. Now, it may be different in other countries, but we're specifically discussing US law and US spectrum here, since the subject of the discussion is a case is in a US Court of Appeals.

Re:Odd...

[Jane+Q.+Public]

"You keep citing that web page but I'm pretty sure you haven't read it."

I'm pretty sure YOU haven't read it, because it's far more than just one page.

The part I was specifically referring to was the part that outlaws interception of cell phone signals... which are radio signals, often (usually) unencrypted, over the public airwaves.

Gee... just like wifi.

Re:Odd...

[Jane+Q.+Public]

"Lol. You've now given away what state you live in."

Haha. Not bloody likely. I got that information from Wikipedia.

Re:Odd...

The part I was specifically referring to was the part that outlaws interception of cell phone signals... which are radio signals, often (usually) unencrypted, over the public airwaves.

I read it and it doesn't say what you think it says. Go ahead, prove me wrong and quote it, cut-n-paste is easier than paraphrasing.

Re:Odd...

[cykros]

The thing is, every WiFi access point I've come across ships with instructions, which have all (again, in my experience) advised enabling security on the router. That people may not read these instructions, or follow them, seems nothing worth basing a law on. And I'd certainly not advocate it being legal to crack WPA/WPA2/WEP (even it if may at times be trivial), based on the fact that by setting security settings on the router, the owner has indicated that access to it and the traffic that it handles is to be private. Irresponsible use of technology (which is exactly what failure to read the minimal documentation that comes in the manual routers ship with is) is nothing that government should have any business reinforcing.

Beyond this, it also boils down to a simple matter of legislation offering nothing but a false sense of security to begin with, as passive sniffers are just about impossible to detect in action. The only thing making use of them on unencrypted wifi illegal would change would be the subsequent steps taken once data has been gathered. So instead of sniffing the traffic, and then using what was captured directly as evidence (in the case of a law enforcement sniff), the police would instead sniff the traffic, and then proceed to using the data to direct further investigation to acquire admissible evidence. In the meantime, absolutely nothing would be done to change the fact that due to ignorance, people are still leaving their personal information wide out in the open for anyone with a wifi card and tcpdump (or any of the other tools that'll do the job) to grab. Personally, I'd much favor the relatively brief growing pains while people realize how their radio transceiver equipment works and subsequent GAINS in privacy than using simple legislation to provide a false sense of security.

And that is correct. I do admit there will be growing pains. I'm sure a few people will get pinched for illegal or unseemly activity while they (unreasonably) expected it to be a private matter. While this is regrettable, I fully expect the subsequent large-scale changes in behavior will prevent far more people from having their privacy breached, by criminals rather than law enforcement (if we insist on distinguishing between the two in the first place...). And I think that, given that reality, even your average still-as-yet ignorant American, would agree that in the long run, this court decision is the right one. I could be wrong (or simply putting too much faith in the rational capacities of the average American), but that's the way I see it.

Can't disagree

[bhcompy]

Open networks are just that. If your intent is to keep your transmissions private, you should be using something better than an open network. Intent may be applicable in a pre-trial hearing on the validity of not having a warrant, but requiring insight in to the intent of an open wifi is highly unlikely at the warrant stage without some pretty strong inside information already.

Re:Can't disagree

[wer32r]

No. All it requires is to know what it is, and what it's used for. Anyone capable of listening in to these signals would know the answer to both.

scanners

[theNetImp]

If it's wiretapping than anyone in the last 20 years who owned a scanner should be fined for listening in on their neighbors telephone calls because their wireless household phones weren't encrypted.

Re:scanners

[__aaltlg1547]

That is illegal. Wiretapping is a separate question and it only refers to GOVERNMENT surveillance.

Re:scanners

[helix2301]

Having open wireless is irresponsible and very stupid. I mean if you are crazy enough to leave your wireless open to the world you are stupid enough to get it sniffed.

Re:scanners

You are right, that is why it IS illegal and has been for a long time and why most scanners no longer allow that without aftermarket modifications now are bought by blackmarket or overseas sources. This judge is full of shit and this needs to be overturned by a judge who is either less corrupt or has a brain and knows more than a 2 year old about new technology, cause right now, from what he has shown, my 3 year old nephew knows more than he does.

Re:scanners

[Impy+the+Impiuos+Imp]

The judge did quote that, in this case, there was an apparent deliberate exception in the law for unencrypted networks. He isn't pulling it completely out of his ass.

Re:scanners

Well, by that logic, so should anyone who has a laptop, wireless card, or most of the smartphones, since they could listen in to an open wireless point.
Possession of equipment capable of a crime is not the same as the commission of a crime. See, locksmiths, police, and cane-wielding little old ladys.

General Public

[bondsbw]

It's not illegal to intercept communications "made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public."

Just who is included in the general public here? This is like saying that most everyone who has a Wi-Fi capable computer typically runs a packet analyzer.

Re:General Public

[__aaltlg1547]

Why wouldn't they, given the number of malwares out there that can have such a capacity built-in?

Re:General Public

[Hatta]

No, it's like saying that most everyone who has a WiFi capable computer typically has a packet analyzer readily available. Which is entirely true.

Re:General Public

[bondsbw]

I take "general public" as meaning non-hacker types. Unless they are being distinguished in a different way, such as citizens vs. government (which I doubt anyone means to imply, since that would then imply that the government has a back door into the technology).

Packet sniffing is not what I would deem accessible to the general public, since they don't understand it.

Re:General Public

[Hatta]

Any motivated amateur can do it, for free with standard hardware everyone has, and within a couple minutes of trying. It's readily accessible.

Re:General Public

[Tastecicles]

my AV has a network packet analyser.

NEXT!

One of those rare occasions I agree with the gov

[MikeRT]

IFF the extent of it is to scan the wireless broadcast, not join the network and access the internet, their private network, files, printer(s), etc. then I think this is an amazing case of common sense. Joining their network and using the internet or anything similar to that is akin to going into someone's house and sleeping on their couch while they're not home. Sure, "you may not be harming them" and they're "not using it right now" but that's not relevant to whether you can jump in and use their resources.

Wireless broadcasts without encryption, however, are akin to a neighbor who yells loud enough for everyone to know their family's business. I don't see any difference between my neighbors having a heated conversation that I can hear inside my house and them sending unencrypted packets into my house. The criminality should only come in if and when they are used maliciously.

your intent doesn't matter

[kenorland]

It isn't the function of government to protect your "intent" against your own stupidity.

If you want to keep your communications private, encrypt them.

Re:your intent doesn't matter

[Catiline]

It isn't the function of government to protect your "intent" against your own stupidity.

Bingo! Furthermore, the last few wireless routers I've setup automatically prompted to turn on some form of encryption during that process. If you choose not to use this feature, it should be viewed as a deliberate (not ignorant) choice in the nature of your setup.

Re:your intent doesn't matter

However if you want to increase the legal debate, reserve the outcome to legal judgement and precedent after lengthy and expensive trials rather than the application common sense up front circumventing all that, you would end up with a law professors wet dream.

Re:your intent doesn't matter

"It isn't the function of government to protect your "intent" against your own stupidity."

Well, yes that is a function of government. There are all sorts of laws designed to protect people from having others take advantage of their ignorance.

Re:your intent doesn't matter

There are plenty of people who believe the purpose of the wireless encryption choice and password is to prevent unauthorized people from using their internet connection. They may or may not understand that by not requiring a password to use their connection, they are also allowing people to intercept their own communications. In fact, I suspect most people don't realize that.

Re:your intent doesn't matter

Well, yes that is a function of government...

... but not a legitimate function. Protecting people from their own stupidity is not something governments should be doing, because (a) there is no end to the authoritarianism that results, and (b) you end up producing a society of people who are dumbed down to the level where they cannot function without the nanny state telling them what to do at all times.

Re:your intent doesn't matter

Yeah! And if you don't want to get raped, wear a burka or don't go out without a male relative because it doesn't matter if it's hot out and/or you just want to look nice and wear a dress/skirt!

All them bitches get what they deserve, right?!

(That's why all mail, such as bank statements, billing, and medical documents, are in code, right? That's the only way to keep 'em private.)

Re:your intent doesn't matter

[cantsleep]

If you want to keep your communications private for now, encrypt them in 4096 bit.

-Fixed that for you.

Re:your intent doesn't matter

What's your point?

It's still your responsibility to know what you are doing when you put up an unlicensed wireless transmitter.

Re:your intent doesn't matter

[epp_b]

the last few wireless routers I've setup automatically prompted to turn on some form of encryption during that process.

I recently came across a router that was WPA2 encrypted out of the box with the credentials (a reasonably long numeric string) written on the back. I'm sure each copy of the same router has it's own uniquely generated password.

That just seems so simple and obvious that I have to wonder why it hasn't always been this way.

Re:your intent doesn't matter

[fnj]

Really? A string consisting of solely base-10 numerals? That's not a very effective password in terms of strength per character. Mixed upper and lower case letters plus base-10 numerals allows fewer characters to implement a specified strength.

12345678 represents a search space of only 1.11 x 10^8
aB3456yz represents a search space of 2.22 x 10^14 - two million times larger

Re:your intent doesn't matter

[Tastecicles]

my last tethered router had a WPA key (and a WEP key) both in Hex, written on the back of the unit.

Given that it was highly unlikely that I would use wifi in my own home, considering that when I'm home my laptops etc are plugged in, it made sense that they would also employ one of the several ethernet cables dotted around the place as well. Hence, the wifi was turned off.

I think that's demonstrative enough of intent.

Footnote: If I were to use the wifi functionality of any router I use at home, the first thing I would do is change that key.

Re:your intent doesn't matter

[Tastecicles]

financial records sent through the post are generally placed in envelopes which have an obfuscating pattern of ink on the inside face of the envelope. This is, legally speaking, encryption. To circumvent that encryption means to open the envelope - which is a Federal offence in the US and a Crown offence in the UK. Whatever it's called in your locality may vary, but it goes beyond civil offence.

stupid question but who is orin kerr? :)

[youn]

and why does his/her opinion matter so much in the case? (it maybe does, just seeing the name in the summary made me ask the question)

More on point... if you are going to broadcast open packets for everyone to peruse freely... even outside your house, it is like doing something illegal in public and complaining about being caught for it and any witness is illegally watching over your privacy. If it was a secured network, then yes, it would be illegal snooping

Re:stupid question but who is orin kerr? :)

[Entrope]

Orin Kerr a law professor who has been published a fair number of time on Fourth Amendment computer-related issues. I think he's even had one or two blog posts from the Volokh Conspiracy cited in judicial opinions.

One of the notable ways he got that blog post wrong, though, is that the statute in question provides a specific definition of "an electronic communication system that is configured so that such electronic communication is readily accessible to the general public" -- and unencrypted WiFi networks are covered by that definition. One of the comments on the post provides a citation and the definition.

wow... a judge got one right?

Whether by accident or on purpose it seems the judge got this one right. The protocol specifically provides for encryption in the cases you want privacy. Not turning it on is like shouting your private business from your roof with a megaphone and then getting mad when someone hears it.

Encryption is in there for a reason. Finally a judge who rules on the side of reason, rather than pandering to stupidity and emotion.

Re:wow... a judge got one right?

[91degrees]

Not really. You can't help but to hear it if someone does that.

To tap a wireless network you need to actively listen in, in a manner that is different from what a reasonable person might consider to be the normal mode of use.

Normally

[DaMattster]

I'm not on the side of law enforcement but in this case the ruling is fair game. If you use an open, unencrypted wireless access point you do not have a heightened expectation of privacy.

Re:Normally

[cantsleep]

I completely agree.

The thief isn't responsible when I forget to lock my car/house/computer/belt buckle.

Re:Normally

Error: missing sarcasm tag.

Re:Normally

I don't get why they can't come up with a wifi specification where you can encrypt traffic and people cannot listen in on you. My understanding is if you use PSK and they know the password (like what happens at public places around here), then if they get the handshake packets, they can decrypt your traffic. Why can't it be like TLS with the DHE or other key exchanges, where even if they get the handshake, you are still secure? That would fix the problem of monitoring the wifi traffic.

Re:Normally

[cantsleep]

Sarcasm? ;)

Re:Normally

[DMUTPeregrine]

No, more like "My neighbors aren't responsible for eavesdropping if I'm shouting into a megaphone."

Re:Normally

[cbiltcliffe]

TLS, DHE, and other key exchanges like them are designed for secure communication between two hosts, usually your computer and a server somewhere.
WiFi encryption is specifically designed to allow communication between an access point and all LAN hosts connected to it, not only for all hosts to communicate with the access point, but for all hosts to communicate with each other.

There's no reason why you couldn't configure a unique key for each host, but the encryption overhead (and therefore processing power required) at the AP would increase with more hosts connected, and you'd also have significant key management issues, as you'd have to create a new key for each new coffee shop patron, for example, and expire it when the patron leaves.
There's a feature called AP isolation on some routers that prevents WLAN hosts from seeing each other over the network, but this wouldn't stop sniffing. All it does it prevent rebroadcasting of network traffic by the AP when it's destined for somewhere else on the local network.

Intent doesn't matter

[Hentes]

There are many open wifi access points set up with the intent of giving internet access to anyone who happens to be there. How am I supposed to know that the owner of an open network wants to share it or not?

One's guilt shouldn't depend another's intent

[mc6809e]

One's guilt depends not on whether a rule was followed or broken, but on what another person was thinking?

Kerr is asking too much.

Re:One's guilt shouldn't depend another's intent

... what about laws about rape? Don't those pretty explicitly deal with what the "other" party was thinking?

Re:One's guilt shouldn't depend another's intent

[mc6809e]

... what about laws about rape? Don't those pretty explicitly deal with what the "other" party was thinking?

I don't think so, otherwise rapists might try to claim that while the victim said "no", the victim instead was thinking "yes".

And suppose someone says "yes" but regrets the encounter? Should someone go to jail because another didn't make their thoughts known?

Re:One's guilt shouldn't depend another's intent

[91degrees]

Tech forums always seem to have a certain Asperger thing going on. They find it hard to put themselves in the position of another person.

To most of us, it should be obvious that someone communicating over a wireless network. There are, after all, many reasons one might use an unencrypted network. It would be remarkable strange behaviour for anyone to actually want people to intercept their data, so much so that one might reasonably expect that permission would need to be made explicit.

If you walked up to someone who was using an open network, and asked "Hello. I'd like to intercept your network traffic, do you mind?" what do you think the answer would be?

Re:One's guilt shouldn't depend another's intent

[Todd+Knarr]

Whatever someone intends, the question of what they actually did is still there. If you intend a conversation to be private but conduct it shouting at the top of your lungs in a crowded restaurant, should the courts hold your intent trumped your conduct and force everyone else in that restaurant to plug their ears to avoid overhearing your conversation? Or do they say your conduct trumped your intent, you couldn't possibly have reasonably believed your conversation would be private when carried on that way, and if having all those people overhearing your conversation causes you problems that's your problem not theirs? I think the latter's more likely.

Things aren't private just because you want them to be. You have to also act in a way that keeps them private. If you don't take at least some reasonable steps, then the rest of us are free to assume you don't intend to keep it private.

Re:One's guilt shouldn't depend another's intent

[91degrees]

If you intend a conversation to be private but conduct it shouting at the top of your lungs in a crowded restaurant, should the courts hold your intent trumped your conduct

How often do people do this? No reasonable person would do this in the first place, because it's very clear and obvious that doing so isn't private.

This is a situation where you're actively working to avoid privacy. Nor is it a situation where you need to actively do anything to violate that privacy. It wouldn't be a reasonable expectation from a reasonable person that privacy was expected.

If I was talking at a normal volume in a crowded restaurant, I'd expect privacy, even if it was technically possible for people to listen in.

Re:One's guilt shouldn't depend another's intent

And if you're hard of hearing, you still would think that you're talking at normal volume and expect privacy.

And if you're ignoring warnings to set up WEP/WPA, you still would think that you're not broadcasting it in the open and expect privacy.

What _you think_ about being in private is pretty much irrelevant, what's relevant is are you using physically/legally protected channel for your communication. For cellphones there's legal protection. For your home and your mail envelopes there's both legal and physical protection. For unencrypted WiFi there's neither physical nor, as judge says here, legal protection.

Re:One's guilt shouldn't depend another's intent

[Tastecicles]

intent is the cornerstone of criminal law. Bare facts are the purview of the civil legal system.

Re:One's guilt shouldn't depend another's intent

[Tastecicles]

somebody's confusing a civil action with a criminal one. Intent is only a consideration if you're in a criminal situation. Did you intend to yell state secrets in a crowded restaurant? No? Then you're entitled to plead not guilty and the jury might believe you had no intent to blab. In a civil proceeding the mere fact that you blabbed would be enough for a finding against you, whether you intended to or not is immaterial and frankly the court would not be interested.

Re:One of those rare occasions I agree with the go

That is amazingly backwards. Using a network that has been configured so that everyone can use it is just fine until you get asked not to do so - for example if the name of the network is "you are not allowed to use this network", then OK, it's not allowed. The analogy to using someone else's couch against their wishes is ridiculous - I am sure that you yourself would rather contribute some bandwidth to the neighbor than have them hang out in your house when you are not there against your wishes, so you refute your own argument - it's not the same thing. You call the cops on squatters, you set up your network properly if you want to prevent people from using it. Not the same thing at all.

However, intercepting other people's network traffic in order to gain information is like opening someone's mail - it's not secured, you only need trivial tools to gain access to it, but there is no reasonable expectation that you are allowed to read it. Your analogy that it is like hearing someone's heated argument fails because in that case it is them informing you about their secrets and not you actively invading their privacy. The difference is that your ears work automatically outside of your will, which is no one is going to blame you for, but you need equipment to intercept private email. In the same way, if you set up a very sensitive microphone in order to detect even faint whispers coming from your neighbor's property, you are doing something creepy that goes beyond just overhearing a heated argument.

He's Wrong

[SwashbucklingCowboy]

The intent doesn't matter, if it did it would have been written into the law. Besides, someone scanning wifi channels cannot know with certainty what the intent of someone who hasn't encrypted a particular network is.

Agree with the judge

When you want to have a private conversation do you go out in the street and yell back and forth? No. You go into a room and close the door.

People generally make some effort when they don't want other people to hear them. The internet is no different. And ignorance is not an excuse.

k, then

[JustOK]

Using it to snoop on the owners or other users is wrong. Using it to get to the internet, not so much.

Shouting

[fsck1nhippies]

Why is listening to unencrypted WiFi any different than overhearing someone shout in public?

If sniffing wifi networks isn't wiretapping,

[Compaqt]

sniffing a police station's or an FBI office's wifi isn't wiretapping, either, right?

Re:If sniffing wifi networks isn't wiretapping,

No, it isn't.
There is probably a different set of laws that make that illegal though.
But it's not wiretapping.

Re:If sniffing wifi networks isn't wiretapping,

[arbiter1]

Well what are chances police and FBI are open wifi point? which this covers and not wpa2 or something encyption

Re:If sniffing wifi networks isn't wiretapping,

[fnj]

Pretty high, actually, if you put much stock in my evaluation of their general prowess.

Re:If sniffing wifi networks isn't wiretapping,

[Tastecicles]

not if it's open.

Re:One of those rare occasions I agree with the go

Sure, "you may not be harming them" and they're "not using it right now" but that's not relevant to whether you can jump in and use their resources.

I never see this argument modded up on Slashdot, let alone to plus five, when the subject is digital piracy. In fact, they're usually modded down as "trolls" so you can't even see them except for quotes by people posting rebuttals.

Funny how that works.

Re:One of those rare occasions I agree with the go

[cpu6502]

>>> I don't see any difference between my neighbors having a heated conversation that I can hear inside my house and them sending unencrypted packets into my house.

Agreed.
Reminds me of the couple I lived next door to. The guy was constantly yelling at his girlfriend, which made her cry. Then he'd yell "But I love you!" Once they started arguing in the parking lot, so I went to my window to see what was going on. He pointed at my window and said, "What's your problem?" and then came charging up the stairs and pounding on my door.

I guess I was just all supposed to pretend none of this was happening, as if the sounds were not entering my apartment. Just as I'm supposed to pretend I don't see 2 open Wifis broadcasting to my PC. ----- Sorry but I disagree with persons who think that.

Re:One of those rare occasions I agree with the go

[Kjella]

Wireless broadcasts without encryption, however, are akin to a neighbor who yells loud enough for everyone to know their family's business. I don't see any difference between my neighbors having a heated conversation that I can hear inside my house and them sending unencrypted packets into my house.

The difference is that each packet is keyed to the recipients address and to listen in you need a device explicitly made to intercept packets going to others. If you have tenants and offer them internet service and set up a dump of their traffic, are you doing a wiretap? Hell yes. If you are on a cable loop and modify the cable modem to dump all packets for everyone on the loop, are you doing a wiretap? Hell yes. Note that in an earlier case they found the exception didn't apply to cordless phones - the intent was obviously that it was designed to only be received on the handset it belonged to. Wifi packets are the same, you only intend to communicate with that one card and not the world. That it's unencrypted is mostly irrelevant, if you go through a door marked "staff only" you're trespassing even though it was unlocked. The intented user was clear.

Re:One of those rare occasions I agree with the go

[cantsleep]

Interesting analogy of a 'yelling' neighbor. Unfortunately it's not helping your point.

-You can't stop but to hear a yelling neighbor.

-Is your personal network interrupted by theirs?

-Do they have a reasonable expectation of privacy?

Sending an "unencrypted" love letter to a girlfriend by postal mail offers me adequate expectation of privacy... and anyone can just simply intercept that letter many ways.

You are trying to make a point that because you CAN do something from the comfort of your own home/car/bike you SHOULD be able to do it.

The general public doesn't "readily have access" to interpret unencrypted wifi networks any _more_ than we have access intercepting personal wireless phones (which is also easy).

We dont have any _less_ access to DVD decryption software (which is illegal, I'm told) than we do to wifi monitoring tools.

Kerr is wrong

[Todd+Knarr]

Orin Kerr is wrong. Intent matters, but only up to the point where it's reasonable. If you decide to discuss a sensitive private matter with your SO by yelling at each other at the top of your lungs in a crowded lobby, you can't possibly reasonably expect that conversation not to be overheard by everyone in the lobby. The same with unsecured WiFi: you're broadcasting your traffic in the clear to anyone who has a receiver and you know this. It's up to you, if you intend a communication to be private, to take at least some reasonable steps to make it private. Choosing a method that's so blatantly exposing the communication to the public is decidedly not such a reasonable step. If you don't like it, sorry but the rest of us didn't agree to plug our ears just because you find it inconvenient to go somewhere private to have a private conversation.

Re:Kerr is wrong

[RicktheBrick]

You are trying to destroy the value of WiFi. So you are saying that it is okay to listen to all the communications at every restaurant, hotel, rest area just because they have open WiFi so that anyone can use it. I have read that everyone should leave their WiFi system open as a courtesy so that people can make phone calls, download books while walking in front of your house. But if the government encourages people to listen in than I guess a large number of people will not have open WiFi systems just for that reason. I still suspect that if I kept an open WiFi system and someone downloaded a child pornography file that I would be suspect of possessing that file so for that reason I do not have an open WiFi.

Re:Kerr is wrong

Most WiFi routers include the thing called "Guest WLAN" for people who wish to extend this courtesy, but don't want to abandon their privacy for it.

Re:Kerr is wrong

[kenorland]

You are trying to destroy the value of WiFi. So you are saying that it is okay to listen to all the communications at every restaurant, hotel, rest area just because they have open WiFi so that anyone can use it.

Basically, yes. Some of that data ends up on your computer anyway.

I have read that everyone should leave their WiFi system open as a courtesy so that people can make phone calls, download books while walking in front of your house.

Sure, if you want a visit from the FBI, CIA, RIAA, MPAA, DHS, or DEA. They are first going to hold you responsible for what happens on your access point and then sort it out later.

Re:Kerr is wrong

[fnj]

You do understand that the open Wi-Fi WAN side should be the only ethernet entity on its own separate zone behind the main firewall, completely isolated from the main local zone, right? It's really not that much trouble and expense to set it up that way. I don't want even an ENCRYPTED Wi-Fi with excellent WPA password protection and SSID broadcast turned off on my main local zone. It's far too much of a security risk. I know it's a nuisance, but that's life. If I want to copy wireless to wireless or wireless to local ethernet, I can hook the wireless end(s) up on ethernet for that purpose, or use a USB stick, or some other workaround.

I know you can also play games with the netmask on the WAN side of the wireless router to make sure it can only reach the default gateway and not the rest of the local zone, but any primary wired router I use is going to have two zones of its own anyway, so might as well do it right.

Finally as to the [HORROR - IT'S THE BOOGEYMAN] child porn / terrorism concern - actually, having open Wi-Fi instead of secured Wi-Fi is your best defense (always assuming you are in actuality not guilty). It means the prosecution cannot make an effective case that the offender must have been you if you point out that the Wi-Fi is open. If it is secured, they have a better chance of making the case, if someone does succeed in hacking into it. It's balance of risks. No strategy is 100% safe in today's climate.

Re:Kerr is wrong

[Tastecicles]

My solution would be this:

Home network on a fully tethered topography. No wireless.

Wireless LAN on a different subnet, connected via another firewall to the Home network.

So you have:

Internet-Firewall1-LAN1-Firewall2-WLAN2

With this at any point you can physically disable the wireless simply by unplugging the power supply from that router and not disturb the rest of the network. You can also cap bandwidth to the WLAN from any terminal off the LAN1 router and there's not a thing anyone connecting via the WLAN can do about it. Want to apply filters? Use the functionality on the LAN1 router, if it's available.

Re:One of those rare occasions I agree with the go

[mysteryvortex]

Joining their network and using the internet or anything similar to that is akin to going into someone's house and sleeping on their couch while they're not home.

The problem with your analogy is that they are transmitting beacons frames without the privacy bit set. This frame basically says: "Hi I am a WiFi network, here is my name and all the other info you need to connect to me if you want to!" If you set the privacy bit it basically says: "Hi I am a WiFi network, here is my name and all the other info you need to connect to me if you are authorized!"

In the case of your analogy, the beacon frame sans privacy bit is the eqivalent of posting a sign that says: "Feel free to sleep on my couch if you want to!"

Whether or not the default mode should be open or private is another debate, and I understand that most new consumer wifi equipment has been addressing this from the should private point of view for quite a while. (see WPS)

amateur radio

As an amateur radio operator, there is overlap in the 2.4ghz range that WiFi uses, that I can use higher power on and other modifications. When I do this though, I still have to follow the FCC Regulations assigned to me as an amateur radio operator. 1. I have to broadcast my call. 2. It can not be encrypted. The reasoning is that by the FCC Regulations, other amateur radio operators shall be able to learn and listen. .. So, in my eyes, if some one's WiFi AP is not encrypted, they must be an amateur radio operator who is not broadcasting their call.

Not reasonable

[the+eric+conspiracy]

This judge is in contempt of common sense.

Just because I leave my car unlocked with the key in the ignition doesn't give you the right to drive away in the car, nor does the fact I forgot to lock my front door give you the right to search my house.

Re:Not reasonable

But if you paint your social security number onto the side of your house, why is it my fault I can see it?

Re:Not reasonable

[silas_moeckel]

How about a common converse issue person A has a smartphone setup to connect to his linksys wireless network he walks down the street and the phone connects to his neighbors linksys network. Was he wiretapping or ortherwise hacking there network? Common sense tells me no they did nothing to keep there signal contained within there property or to keep people out of there network. As a network eng I know that basic troubleshooting involved sniffing traffic. From the case they were not spoofing the gateway IP or otherwise gaming the network, just listening to what they could see. This is no different than you shouting next to me and then complaining that I overheard.

Re:Not reasonable

[the+eric+conspiracy]

As the article implied it's a matter of intent. You and your smart phone aren't going around with the intent of collecting information in furtherance of some purpose you will gain something from. You have a technological device that makes a connection boom done.

The patent troll in this case is doing this with the intent of collecting information in order to further a court case.

BIG DIFFERENCE.

Re:Not reasonable

[fnj]

I'm not so sure. I strongly suspect that you would have a REALLY difficult time with your insurance company if you they somehow found out you left the key in the ignition of your unlocked car when it was stolen. I have some real suspicion that you would be at risk of contributory fault due to negligence, as well, if the thief used your car in the commission of a crime or civil infraction involving large monetary damage (think "crashes through somebody's living room").

I'll give you a better case. If you live in a state which demands your firearms be stored in a lockup at all times when not in use, I KNOW you would be in BIG, BIG trouble if you left the key in the lock of your gun safe, someone BROKE AND ENTERED, STOLE one of your firearms, and used it in the commission of some crime.

As to not locking your front door, I'll give you that one, but how about this? How if you left the front door standing open? Legally, that removes the breaking from "breaking and entering" because the property is now viewed as "open to enter".

Re:Not reasonable

[Tastecicles]

wait... are you saying you own the exclusive rights to a radio signal emanating in cleartext, in all directions from the point of origin (being your house) at the speed of light??

Good luck with that.

Let's all take a minute of silence for...

the land of "freedom".

"public"

[spongman]

i recommend that we come up with some way of making un-encrypted wi-fi networks a thing of the past.

one simple solution would be to have wi-fi clients automatically attempt to use the default password "open" for encrypted networks if none is supplied.

wi-fi access points should strongly indicate to users that using the password "open" is better for security than no password.

  o : private network. password: __________
  o : create open network (password is "open")
  o : create insecure network (NOT RECOMMENDED)

Re:"public"

[fnj]

I move that everybody disregard your recommendation, which is an intrusion for which you offer no justification.

Re:"public"

[spongman]

An intrusion. What are you talking about?

I'm suggesting a simple, backwardly compatible way to end the broadcast of unencrypted WPA traffic.

You offer no justification for your objection, so I'm guessing you're just a troll.

Re:"public"

[fnj]

Your suggestion is intruding in the market and in personal choice. I don't have to justify my objection; it is self-evident. You have to justify your intrusion.

You can guess what you want, you unpleasant name-caller.

Re:"public"

[spongman]

Your suggestion is intruding in the market and in personal choice.

how?

I don't have to justify my objection; it is self-evident.

not only is the justification for your objection not self-evident, your objection itself is not evident. you didn't even say what you don't like about what i said.

You have to justify your intrusion.

what intrusion?

you either didn't read my post, don't understand english, or are simply a troll.

or, maybe you think that it's a good thing that unsuspecting people broadcast their private information over unencrypted channels. nice.

Re:ERGO SOFTWARE AND MOVIES WITHOUT DRM ARE FREE !

[tgibbs]

Movies and software generally have copyright notices which state that they are protected. So if you could figure out how to watch somebody else's movie being streamed over the internet, you would probably be free to do it, but you could not legally make a copy of it.

Obvious solution

All WiFi networks should transmit an intent bit. Problem solved!

Re:One of those rare occasions I agree with the go

[houghi]

It is legal. It is technical possible. It still is not the right thing to do.

Just because I can sleep with my best friends wife does not mean I should do it.

Re:One of those rare occasions I agree with the go

Since when could you see and/or hear the information flowing through he airways without special equipment. And you must be some kinda superman to not only be able to see and detect the information without hardware setup to do it but to be able to read and decode binary that quickly.

Also, I will remember to bring some military grade listening devices and aim it at your windows to amplify the sound you are carelessly letting out into the outside world and filtering it to clean it up so I can hear crystal clear what all you like talking about heck, might even make a website about it and post the audio and infrared images of you the next time you and your girl are having sex to some websites, I hear 4chan might like it and you won't mind obviously or you would have taken steps to ensure that the sound and heat signatures never made it out of your house, if you have an open window by your bed, even better.

Tell this to Google...

[Cyfun]

Google did this to a far less invasive extent, they didn't even necessarily connect to open networks, just sniffed the airwaves for random information, and they got royally bitch-slapped for invading peoples' privacy.

Does this ruling mean that Google can get a refund for all those fines they had to pay? Or for that matter, does this mean that I personally can hop on my neighbor's open WAP, inventively named "linksys," and legally steal their packetses?

Silence, Mr. Kerr, We're Common-Law.

Mr. Kerr must understand that the USA (except Louisiana, Puerto Rico, and most of the remaining insular possessions) have a common-law legal system in that academia does not usurp the bench in finding what the law is, despite its "persuasive authority".

Makes sense..`

[WalkingBear]

Using an unencrypted, open wifi connection is the 2012 equivalent of using morse code over shortwave or other open broadcast. You have specifically configured your wifi transceivers to forgo encryption and created a public broadcast station.

a radio broadcast

[pbjones]

doesn't matter who is listening, in an age where encryption is standard, if you don't use encryption, or if you don't limit your transmission radius, then you have not indicated that you which your wi-fi to be private. A transmission via radio is open to 'listening' under laws in many countries, it is what you do with the material that is usually restricted.

Re:a radio broadcast

This really should be the end-all and be-all of it.

Either encrypt the network, or encrypt aspects of the traffic you wish to keep private. Anything else would indicate that you don't care to make an effort to keep it 'secret'. and therefore don't care whether it remains so or not.

Re:a radio broadcast

did anyone notice they were going to spend $700 for a specialized AirPCap wifi card for sniffing?!

fine by me.

Welp, I'm quite certain that the intent of most people's open networks is not that everyone can wiretap it.

          BUT, I do think the point of this wiretap exception is clear, and clearly applies here. Wiretapping is a serious crime, and if someone is either putting receiving equipment near a wire or actually hooking into it, they are going to some serious effort; if they intercept encrypted wireless transmissions and decrypt them they are going to some serious effort. Picking a wifi network off a list takes no serious effort. I'm sure the original intent was so someone could not get in trouble for tuning around the dial with their ham or shortwave radio, and pick up some broadcast that somebody assumed was "secure" even though it was plain jane AM. Open wifi is analogous.

Wiretapping by Governments vs. Crackers

[billstewart]

Yes, if you want to keep your communications private from private eavesdroppers, you'll have to do that yourself, though they'll let you use the courts for civil lawsuits in some kinds of privacy violation cases.

But this isn't about private wiretapping, it's about government wiretapping, the kind that many people think should be covered by the Fourth Amendment. It's an entirely different issue. After all, if the government wants to open all of your mail and read it, or climb into your house if you forgot to lock all the windows, or break down your door with a battering ram, or tap your phone wires even though they're not encrypted, they used to have to get a warrant first. Same thing should apply here.

There's also a standards problem - the original Wifi security models were designed for business users, so encryption and access authentication are bundled together; they didn't provide an allow-anybody-and-encrypt-everything guest mode. (You could argue that an encrypted open guest mode is susceptible to man-in-the-middle attacks, so it's a false illusion of security, but I'd still rather have it be the default.)

Re:Wiretapping by Governments vs. Crackers

[kenorland]

But this isn't about private wiretapping, it's about government wiretapping

I'm sympathetic to what you want to achieve, but using wiretapping laws to achieve it is pointless. There are tons of other places where the government can collect private information on individuals without violating wiretapping laws.

What we really need is requiring warrants for aggregating and mining individual information, regardless of the technology involved. These warrants should be easy to obtain in many circumstances, but the important thing is that the judicial branch should be able to keep track of it and limit the power of police if necessary.

I do agree to this ruling

[gweihir]

Its a question of effort. Wiretapping requires you at least to identify the wire and access it. That is typically breaking-and-entering and some mechanical damage or changes to the wire tapped. Unsecured wireless (and that is what unencrypted wireless is), just requires you to start some sniffer software in the general vicinity.

Unencrypted wireless is like a billboard: Anybody close enough can read anything, and there is zero changes or impact to the billboard itself. Or put differently: If you pump these radio-waves out for anybody to see them, somebody is bound to look.
 

Re:I do agree to this ruling

[Loki_1929]

By that logic, if I don't close and lock my windows, the police can climb into my living room and wander around my house without a warrant, arresting me for anything they happen to see. After all, if the police didn't have to pick a lock or kick in a door or make any changes to my house to enter it, anyone can just climb on in and look around. Therefore it's also okay for the police to do that.

Re:I do agree to this ruling

[Tastecicles]

The police operate under restrictions as to what they can do and how they go about it - which is why that logic fails.

Re:I do agree to this ruling

[gweihir]

Have you read my posting? Are you mentally challenged? Entering without breaking counts in the "wiretap" class, very, very obviously, not the "billboard" class.

So to replace your clueless example: If the police sees something illegal on your front lawn in plain sight, of course they can act on it.

Re:I do agree to this ruling

[Loki_1929]

The discussion is about what those restrictions are and the logic supporting them. Ergo, the point remains relevant. If the legal principle is how much effort gaining access requires and we're content to allow legal access when little effort is required to gain it and no changes are made in order to gain access, then police can march through an open door or climb through an open window.

I believe the standard should be whether a reasonable individual believes they have a reasonable expectation of privacy. If one is standing in the public square yelling into their phone, no reasonable person has an expectation that agents of the government won't be able to hear their side of the conversation. They do, however, have a reasonable expectation that agents of the government won't sit in a van nearby pulling the entire conversation from the air so they can listen to it. Further, if one is scrawling a message in chalk in the public square, they cannot reasonably have an expectation that agents of the government won't be able to read what they've written. If they're typing that message into a computer and posting it in a private forum, they have a reasonable expectation that government agents aren't sitting in a van pulling their data out of the air and looking at it.

Re:I do agree to this ruling

[Loki_1929]

When you're done with all that ad hominem, let me know.

Until then, learn the difference between something you can see with your natural, unaided eye (such as a billboard or something illegal on your front lawn) and something that requires a computer, wireless card, drivers that support promiscuous mode, an operating system that supports that driver with a network stack that supports that mode of operation, a sniffer program to pull down the data, and an application that can translate that data into human-readable content for the police to view with their natural, unaided eyes.

At the very least, this kind of logic would make it perfectly legal to intercept everything from your cell phone calls to your wireless Xbox controller's signals without a warrant.

Re:I do agree to this ruling

[burning-toast]

Until then, learn the difference between something you can see with your natural, unaided eye (such as a billboard or something illegal on your front lawn) and something that requires a computer, wireless card, drivers that support promiscuous mode, an operating system that supports that driver with a network stack that supports that mode of operation, a sniffer program to pull down the data, and an application that can translate that data into human-readable content for the police to view with their natural, unaided eyes.

Does it change your calculation when all of those requirements are fulfilled by a stock Mac OSX Laptop with no special tools on it? Also, your cell call interception thing is a bit out of date since encryption is used there.

Consider this: If you get on a CB (or other unlicensed) radio, and proceed to talk about a crime you committed, would you be surprised to find that you are investigated by police? After all, they would have needed "special" equipment to intercept that transmission. Unlicensed band is unlicensed band after all...

- Toast

Re:I do agree to this ruling

[gweihir]

There is no ad hominem in my posting, I suggest you read the definition of that term before using it.

Pretending that you do not understand the comparison I made makes you look very, very stupid. I just pointed that out.

Re:I do agree to this ruling

[gweihir]

Exactly my point.

No. Encrypted Guest Mode's missing

[billstewart]

The protocol provides for authentication if you want authentication, and provides for encryption of authenticated traffic, because that matched the most common business model of the businesses who got the standards passed. It doesn't provide for encrypted guest mode, so there's no direct way to get privacy while allowing anybody to access your internet connection; you can fake it by setting your SSID to "Password=guest" or some such. There have even been some recent newspaper articles on a proposal to allow default backdoor access for emergency personnel like firefighters, most of which doesn't recognize that they're really looking for guest access. (5-10 years ago, you could just use "linksys" as your roaming internet access provider, and it'd usually work, but wifi routers pretty much all want the owner to configure security these days.)

The issue is police, not private thieves

[billstewart]

Yes, if you use your credit card over unencrypted wifi or leak the passwords to your bank account, all that data is fair game to thieves and you should have encrypted it to protect yourself.

But the government aren't supposed to be data thieves; they're supposed to get warrants when they want to wiretap you, just as they're supposed to get warrants before walking into your house even if you've left the door unlocked.

Re:One of those rare occasions I agree with the go

[fnj]

transmitting beacons frames without the privacy bit set

That's not really a privacy bit. It's an encryption flag. I say this knowing that it's called the "Privacy bit". /quibble

Whatever the legalities...

[fm6]

If you're using an open access point, and privacy is an issue, you need to use a VPN. If your privacy is violated, do you really care if it's a government agent or some creep who wants your credit card numbers?

Once again, no false dichotomies please. Telling people they need to guard against snooping is not the same as condoning said snooping.

Orin Kerr

[bmo]

is entirely ignorant of baby monitors and all sorts of other Part 15 devices.

This ruling harmonizes unencrypted WiFi with every other Part 15 device out there.

Kerr is a moron.

--
BMO

Nobody is suggesting that ...

the network is set up with the goal of being able to read private information?

Well that may not be the "goal", but it's certainly an expected outcome.

I'm sorry, but I agree with this ruling. If you want to secure your network, encrypt it.
If you want to leave it open for anyone to use, but still have your traffic open, encrypt it at the application level: HTTPS, SFTP, etc.

or set up two SSIDs like many routers let you do. One open, one closed.

If you buy a toaster..

and you don't understand what it does, or how it works... and you try to preheat a fork or something...

FTC v. Google?

[shentino]

Somehow I think that Google would be interested in this case being brought before the FTC's case against Google for data slurping.

That which is not encrypted is "broadcast".

[couchslug]

Listening to broadcast wifi is no different than monitoring a CB.

Fair is fair

Yeah, and the guy peeking in my window isn't a Peeping Tom, because (a) I left my curtains open, nice day that it was, and (b) I live in a compartment -- er, I mean apartment -- so I don't own the land outside my window.

I guess you have to have a mortgage and a guard dog to have any "reasonable expectation of privacy". What a country!

Don't shout if you want to keep a secret

[bkcallahan]

It doesn't matter if someone's intent is to keep things private; if they shout it out, it's public.

Re:One of those rare occasions I agree with the go

I guess I was just all supposed to pretend none of this was happening

Well it'd certainly be the polite thing to do (as long as no one was being physically harmed). Not that I'd expect you to understand anything about being polite.

What's the difference?

An unencrypted WiFi signal no different from a CB or Ham radio. Anyone who can build or buy the equipment is allowed to listen.

Re:One of those rare occasions I agree with the go

[cpu6502]

>>>>>
I guess I was just all supposed to pretend none of this was happening

Well it'd certainly be the polite thing to do (as long as no one was being physically harmed). Not that I'd expect you to understand anything about being polite.

It's a PUBLIC parking lot. If I hear people yelling at one another, of course I'm going to look to see what the hell is going on. (And you would too.) The guy crossed the line when he came marching up the steps and pounding on my door (thus putting me in fear). But then I guesd you think th't sjust "a-okay" huh? Stupikd erhr fujckign peic eof shit. Burn in hell.

Re:One of those rare occasions I agree with the go

It's a PUBLIC parking lot.

And?

If I hear people yelling at one another, of course I'm going to look to see what the hell is going on. (And you would too.)

No I wouldn't. Not unless what I heard told me that I should make it my business. In which case I would step in, not simply look-on like a highway rubbernecker.

Just like a child throwing a temper tantrum in a grocery store, it only works if there are people sticking their nose in the parent's business, making the parent feel uncomfortable about the continued actions of their child. So as a considerate action towards the parent, I go about my business, pretending that the child isn't throwing a temper tantrum, in the hope that the child learns that a temper tantrum will not work.

The guy crossed the line when he came marching up the steps and pounding on my door (thus putting me in fear). But then I guesd you think th't sjust "a-okay" huh? Stupikd erhr fujckign peic eof shit. Burn in hell.

I never said I approved of what the guy then did to you. Please do not put words in my mouth. I actually think what he did to you was wrong. I was simply commenting on the fact that, yes, you were supposed to pretend none of that was happening (unless something you heard indicated that you should make it your business and step in).