Nebraska Sheriff Wardriving, Sending Letters About Unsecured Wi-Fi

An anonymous reader sends this quote from JournalStar.com: "The Lancaster County Sheriff’s Office has seen an increase in scammers using unsecured Wi-Fi connections to steal identities and mask their crimes during the past six months, Sheriff Terry Wagner said. ... So deputies spent the past few weeks finding unsecure connections and sending 40 to 50 letters to let people know about the potential dangers of strangers accessing their network connections. 'You're just opening yourself up for a series of potential pitfalls,' Chief Deputy Jeff Bliemeister said. ... Bliemeister said only businesses like coffee shops that offer Internet connections to customers need unsecured Internet connections.

Law Enforcement at Work

[ackthpt]

Applause!

Much better than that goofball sheriff in Aridzona.

Re:Law Enforcement at Work

[mpoulton]

Applause!

Much better than that goofball sheriff in Aridzona.

Those of us in Maricopa County can worry about our sheriff; the rest of the country can worry about theirs. It's a local elected office. I do not understand the national media attention.

With that said, I do not support Arpaio or his policies and do not vote for him.

Re:Law Enforcement at Work

[IceNinjaNine]

Those of us in Maricopa County can worry about our sheriff; the rest of the country can worry about theirs. It's a local elected office. I do not understand the national media attention.

As a former Phoenix resident, I have to say maybe it's because of things like this and this?

Sorry, but once you step over the line and nobody else is reigning it in, it becomes a federal problem.

Re:Law Enforcement at Work

[Hatta]

Criminal behavior by public officials anywhere in the country affects everyone. The Feds need to make an example of Arpaio, lest his corrupting influence spread.

Re:Law Enforcement at Work

[pavon]

Those of us in Maricopa County can worry about our sheriff; the rest of the country can worry about theirs. It's a local elected office. I do not understand the national media attention.

American citizens don't deserve to loose the fundamental constitutionally guaranteed rights when they travel through another county. Nor do prisoners deserve to be loose their (more limited) rights because they are transferred into your county. It's essential that his abuses get national media attention, so the rest of us can know to stay out of Maricopa county until you guys (or the feds) finally get around to doing something about it.

Re:Law Enforcement at Work

[Dishevel]

To be fair though the administration started attacking him first.

Re:Law Enforcement at Work

[Larry_Dillon]

Because I might drive through your lovely county some day.

Re:Law Enforcement at Work

[Cajun+Hell]

I do not understand the national media attention.

Please remember that Charlie Sheen, Lindsay Lohan, etc are also "worthy" of media attention. It's not like the bar is high. They're nutjobs and so is your sheriff, and it's all fair game for worldwide entertainment, whether the nut represents all spectators or not.

It's just that people expect that kind of shit from drug-addled Hollywood types; that's a sort of baseline of entertainment. Maricopa county took it to the next step, beating Hollywood in two ways:

1. It's government, and better yet, the law enforcement part, which will always be special. Charlie Sheen as an actor, or even in government doing a job like Building Inspector, wouldn't be nearly as interesting as Charlie Sheen employed as Sheriff. I'm not even sure governor (there have been a few Hollywood types with that job title, though they weren't in the same league of insanity) would be quite as visceral as a nutjob sheriff.
2. It's an elected office, not thrust upon you. If Lindsay Lohan were your unelected police captain, people the world over might criticize your mayor. But if you elected Lindsay Lohan, some of her disgrace would be yours. Whether you think it's fair or not, we Americans do get some blame for the low class of people we elect, and your county elected a total scumbag and keeps on doing it. Nothing personal, but it's sort of like America after the 2004 re-election of Bush, or someone going out and buying Windows 98 (rather than being stuck with it as a preload), after already trying Windows 95. At some point, it's hard to not blame the victim, you know? And that makes it all the more shocking/entertaining.

To recap. Baseline: nut (already attention-worthy, right there). Add: power. Add: elected. Really, you don't understand the attention? No, I think you just regret the attention. ;-)

Re:Law Enforcement at Work

[fm6]

Oh that's funny, It's OK for your local official to interfere with stuff that has nothing to do with his responsibilities or jurisdiction and that affect the whole country. But if the rest of us complain about it, we're the ones messing with a local official?

I love the way right-wingers make idiots of themselves, and then when people notice it, they complain about the "national media". Take some fucking responsibility, dude.

Re:Law Enforcement at Work

[hey!]

Those of us in Maricopa County can worry about our sheriff; the rest of the country can worry about theirs.

Not when he started to investigate Obama's birth certificate. Arpaio is the one trying to put the Maricopa sheriff's office on the national stage, and when he does that the people who elected him have to take the criticism that provokes.

Re:Law Enforcement at Work

[reboot246]

If you think Obama is right of center, you're deluded.

Re:Law Enforcement at Work

He said he would vote against telecom immunity but voted for it.
He said he would have the DoJ ease up on the prosecution of medical marijuana but they did the opposite.
He said he was going to institute a new era of transparency and rule of law but did neither.
He said he would shut Gtimo, and end torture camps around the world, he did the opposite.
He escalated foreign wars and most of them are actually secret, unofficial wars.
He claims the right to kill American citizen without due process; not even Bush made that claim.

The only one that is deluded is you.

Re:Law Enforcement at Work

[wolrahnaes]

On a world scale, yes, yes he is. The US view of "center" is just fucked off to the right by a lot.

Re:Law Enforcement at Work

[Dzimas]

Take a look at this chart of the political opinions expressed by world leaders: http://www.politicalcompass.org/images/internationalchart.png

Hugo Chavez is left wing. The Dali Lama is left wing. Romney and Obama? On the broad global stage, they're both sharply right wing. The fact that their campaigns have you believing they're worlds apart is simply not reflected in their actual policies and rhetoric.

How do they know exactlywhere to send the letters?

[ZorinLynx]

In a dense area you might pick up 15 different access points, 2-3 of them open. Unless they have sophisticated RF locating equipment the letters are just going to be out based on a best guess scenario.

The only place I can see this working is suburbs with wide spacing between homes, or rural areas.

Re:unsecured wifi?

Um, firesheep works in that scenario.

You're confusing L2 security with transport security for http traffic, very different things

Re:How do they know exactlywhere to send the lette

[wierd_w]

2 deputies with directional antennas.

If you can find warships that way, you can find wifi hotspots.

Re:How do they know exactlywhere to send the lette

[taustin]

You've never been to Nebraska, have you? Google says the population of Lincoln is about 260,000 total. There are apartment complexes in Los Angeles with nearly that many people. Houses have yards, there aren't many multi-story buildings (especially residential). The only "sophisticated RF locating equipment" is the number of bars on the signal idicator in the system tray in Windows, which will vary visible from one house to the next.

Proactive Police Work Preventing Victimization

[Lashat]

Other Law Enforcement please take note. Follow this model for other crime prevention and imporve your community.

Thank You
Taxpayers

Re:Proactive Police Work Preventing Victimization

[Revotron]

If you were to equate this article to trying to prevent rape, then the equivalent action by the police would be to tell women not to fall asleep naked spread-eagle in a dark alley. To some people, that's a "duh" thing, but to some less-street-smart people it's quite a notion. THAT'S the basic premise here. Make it harder for a criminal to do their job and you decrease the chance that a crime will happen.

Re:unsecured wifi?

[cluedweasel]

We tried this where I work. You would think it would be easy. Just set a key and put a notice up with the key on it. Forget it. It was way beyond the ability of most of our visitors to input a simple key, just a simple pass phrase. After a week of people complaining, the boss decided we should go back to fully open guest wireless access.

Re:I'd leave my wifi open

[joaosantos]

In some places you are legally responsible for what people do with your internet connection.

Re:unsecured wifi?

set BSSID to: the password is McDonald's

Re:If a Business can do it, why can't I.

[mcgrew]

If it is legal and not unreasonably dangerous for a business to use an open wifi connection, then why can't I?

You can. This sheriff isn't arresting people for having hotspots, he's simply mailing them FUD.

Who says you can't?

[phorm]

I don't see anything in the article that said it was illegal to have open wifi, or that you couldn't.
It said that open wifi was being used for identity theft, and that notices of potential dangers (I'd imagine such as possible repercussions for the wifi owner if fraud is traced back to their internet connection) were sent out.

For a couple of older folks or just generally non-technical people who potentially just plugged in an unsecured D-link, not a terrible thing to be given information about, and somewhat pro-active of the Sheriff. It seems little different from the notices given to people who leave their cars unlocked in neighbourhoods experiencing an increase of car thefts...

Re:Oops...

[CanHasDIY]

Here you go: http://journalstar.com/news/local/crime-and-courts/sheriff-looks-to-lock-down-open-internet-connections/article_3a98d107-05c6-5a11-8d09-8769e6e7dacd.html

Re:How do they know exactlywhere to send the lette

[JDG1980]

In a dense area...

We're talking about Nebraska here.

Re:If a Business can do it, why can't I.

[Hatta]

The only 'danger' you expose yourself to by keeping an open wifi is that a moronic lawyer claims it must have been you and decides to sue you for things you didn't do.

Or if a moronic judge issues a search warrant for your home.

It depends on how you're using the word "dense"

[Picass0]

There are some very dense areas in Nebraska. Some of them are even well populated.

Re:If a Business can do it, why can't I.

[Liquidretro]

They are not mandating you close your wifi, they are just suggesting you do. Making you aware of something you were unsure of maybe. Very much the same as if they were to wring your door bell to tell you your garage door is open at midnight, etc.

Re:unsecured wifi?

[PTBarnum]

I thought that using a PSK still allowed people to decrypt your packets, as long as they knew the PSK and were able to capture the beginning of your session. So while having a PSK is slightly better than not having one, it doesn't really guarantee a secure connection.

Does anyone make an easy-to-use 802.1x appliance for coffee shop type uses?

Re:unsecured wifi?

[Nikker]

Just wait till they type in as the password "the password is McDonald's", allow hilarity to ensue.

Re:If a Business can do it, why can't I.

[idontgno]

It's not strictly FUD. For people who leave an AP open because they don't know better, this is a good service. For people who leave a WAP open because of some kind of principled and conscentious decsion, there's nothing there they're not already familiar with and willing to risk.

And let's face it. There is risk. If some random bad actor uses your unsecured WAP for random badness, it will inconvenience you. You will be a "person of interest" until they find a better suspect. Again, this might be a risk worth taking if you decide it is, but for a clueless schlub who just bought the router and plugged it in? Not so much.

Re:If a Business can do it, why can't I.

[mpoulton]

If it is legal and not unreasonably dangerous for a business to use an open wifi connection, then why can't I? If I get incorporated, does that make it safe?

No, but there's a general presumption that it's intentional when a business does it and that they understand the risks and decided to accept them. There's a (well justified) presumption that when a random house has an open AP called "Linksys" it's an accidental result of cluelessness. The sheriff isn't shutting peoples' netowrks down or threatening them with any sort of law enforcement action, they're just informing people that it's a security risk.

The only 'danger' you expose yourself to by keeping an open wifi is that a moronic lawyer claims it must have been you and decides to sue you for things you didn't do. The proper response to that is to counter sue the lawyer and to educate the public, judges and jury that an IP address does not prove identity. I have the right to keep an open WIFI connection and if someone else uses it for bad purposes that does NOT expose me to any reasonable danger or risk. People have the right to anonymity and that means government and lawyers do not have the right to intimidate people into making anonymity harder to obtain.

If you want to play lawyer for yourself without being one, consulting with one, or actually studying the law, you're welcome to do so. But the legal system is no place for the blindfold-and-shotgun approach.
1: Lawyers sue people on behalf of clients, not on their own. It's some other party (like a copyright holder, perhaps) that would be suing you. They are the party initiating the action, and it's up to them to decide whether to spend their hard earned money on the expensive process of suing you for something that may or may not be stupid. Their attorney may or may not be a moron or a dick, but it always takes a moronic/dick client to generate a moronic/dick lawsuit.
2: Countersuing the other party's lawyer is a good way to rapidly generate a large judgment for the other lawyer's fees, which you will have to pay if you initiate such a misguided action.
3: You may be contractually liable for other peoples' use of your open network in some circumstances. If the terms of service for your ISP so state, and the cause of action arises in a way that those terms are relevant, you could find yourself in a bad position. And while IP addresses are not proof of identity, they are evidence, and it would put you in a compromised defensive position to have your IP associated with "bad stuff".
4: The implied right of anonymous speech within the 1st Amendment is not relevant to any issues at play here. There's a misinterpretation of something going on if that seems important in this context.

Re:How do they know exactlywhere to send the lette

[HangingChad]

The only place I can see this working is suburbs with wide spacing between homes, or rural areas.

Or Nebraska.

Re:vs google?

[idontgno]

Do you have evidence that the Sheriff's wardriving captured and stored packet information? Because the furor over Google doing it was precisely that: indiscriminate and promiscuous capture and storage of any packets in transit in any AP's footprint that they passed through. And then Google kept that information, even after being ordered to delete it.

Tell me that a law-enforcement agency is sniffing and recording packet traffic and trolling for evidence of lawbreaking without formal suspicion or a wiretap court order, and I'll be appropriately angry at the privacy violation. Until then, there's no meaningful equivalence.

Re:How do they know exactlywhere to send the lette

[cffrost]

There is 1 city in that county, and it ain't exactly NYC.

Well, there's only 1/5th of one city in New York County. :o)

Re:Correction:

[Hatta]

Wifi encryption is useless if anyone and everyone can join the network. Once you join, it's just like being on any other shared medium network. All your packets are available in the clear. If you're worried about security, use application level encryption.

Re:How do they know exactlywhere to send the lette

As a Nebraskan... yes.

I'm regularly shocked by perceptions people from the larger cities, or from the coasts have. Yes, by land area, Nebraska is mostly rural, but it does have cities that typically have malls, movie theaters, and at least 10 square miles of urban/suburban space.

Lancaster County, in particular, averages 311 people/sq mi, and has Lincoln in the center, which even has some buildings with more than one story. Evidence: http://en.wikipedia.org/wiki/File:Lincoln_DT.jpg

Re:vs google?

[Hatta]

It's not. People blew that way out of proportion. Transmissions on public spectrum can be recieved by anyone. People need to deal with it.

Re:unsecured wifi?

[DarwinSurvivor]

On the key is known, then anyone can use it and it might as well be open. Even the individual key is not going to stop snooping.

You obviously don't understand anything about wireless security. If a connection is open (no encryption), anyone (even those not connected to the router) can stniff EVERYTHING sent over the connection (barring https and the like). With a password, even if every person in the world knows the password, nobody can sniff anyone else's packets. The passwords intiates a transaction where the router and your computer set up their own sessions keys which are used to encrypt everything else. so even though everyone used the same password, everyone is using different encryption keys, so everyone is protected (at the wireless level at least).

Re:The situation is worst than it looks.

[Revotron]

It's so easy to bust down your door, run into your house, and grab your big-screen TV, so why don't you just leave your door unlocked so I can walk right in?

Also, since it's so easy to smash your car's windows, hotwire it, and drive away, why don't you just leave your car unlocked and set your keys in the cupholder?

Utter Horse-shit!

[Penurious+Penguin]

In my area DSL isn't available and FIOS or broadband is upward of $70. This affects me and many others who have difficulty with such prices. The act of intimidating people with open APs is ludicrous and shit-brained. A secured router with a unique user-ID, strong password, along with various options such as filters, availability-configurations, etc., is more secure than WEP with default settings. This sheriff should have a router fastened to his head until the microwaves loosen the rocks. I think the EFF elaborated on this topic quite well, also mentioning Schneier and his views on the subject.

Sharing, especially of educational/informational resources is a good thing. Intimidating people into doing otherwise against their will is encouraging greed, inefficiency and paranoia.

Re:Utter Horse-shit!

[Jeng]

So the sheriff is trying to put a stop to cyber crimes and you oppose it because you like to leave an access point for neighbors?

Why not give the password to the neighbors you want to allow on your network?

Re:Utter Horse-shit!

[Penurious+Penguin]

Footnote: If law-enforcement can wiretap me with the warm, affectionate assistance of the ISP and without a warrant, maybe my neighbors should be given a fair chance too! -- at least they are more likely to be employed in something other than whoring to the plutocracy and fucking over the serfs. I've had very few neighbors (if any) that have ever pulled a gun on a marijuana-smoker and stuffed them in a cage, or tazed someone because they were having a bad day. I also highly doubt most of my neighbors would demand $10,000 for a single song. Law-enforcement is necessary, but it needs to stick with its job, which is not auditing people's networks.

Re:Utter Horse-shit!

[Threni]

> Why not give the password to the neighbors you want to allow on your network?

He might want to let *anyone* onto the network. What's he going to do, paint his password on the front of his house?

If he wants to let people use his internet connection, that's his business. And if that makes it harder for people to figure out who has done what online, tough shit! If you're serious about freedom you have to make difficult choices* like `what if me letting people use my house as a TOR exit node or free wifi point makes it easier for person one to get information from person two`.

* I was just kidding - that's not a difficult choice.

You know, before the American Republican party, headed by that fucking idiot Bush, was first elected into power, America was pretty much universally seen as a positive beacon of freedom and justice. It's almost amusing how quickly all that was pissed away to make the ruling classes a little more cash.

They've tried

[Sycraft-fu]

A federal grand jury wouldn't return an indictment.

Re:They've tried

[Hatta]

Fuck.

Re:This is stupid

[hawkinspeter]

WPA2 isn't at all easy to crack, but it's definitely easy to spoof MAC addresses.

Kills plausible deniability

[DoofusOfDeath]

For someone up to no good, I'm not sure that securing WiFi is smart move.

If someone has an open wifi, and something illegal (copyrighted content, kiddie porn, etc.) is downloaded via his IP, the person has plausible deniability that he himself did the downloading.

If that persons has secured his WiFi with a password, then I would think he's more likely to get convicted.

Re:Kills plausible deniability

Except that Jammie Thomas already tried that defense in two separate jury trials, and lost both times. An open wifi does not give you plausible deniability.

Re:How do they know exactlywhere to send the lette

[Rob+the+Bold]

If the SSID is broadcasting, "Smith" and the name on the mailbox is "Smith", you can probably take a guess about it.

I think if you're a residential broadband customer, and your access point is wide open, the SSID is gonna be "Linksys" or other default name.

You must live on Earth-602 or something

[logicassasin]

I just left AZ a bit over a year ago and lived in Maricopa County. Joe Arpaio started his b.s. first, but even before that he and his office were a menace to the Latino populace of the county. Don't get me wrong, there ARE illegals there, no one will ever dispute that claim, however he's been less than truthful when he repeatedly states that they're responsible for all the crime there. Take a look at the mugshots his office posts daily, plenty of black and white faces to go along with the brown ones he singles out.

Re:Because of racsim

I had the same thing happen in my home county. Our jail was under federal oversight for over 13 years due to constant escapes, inmate injury, and general code violations. We had a sheriff who hired a known thug deputy to be an assistant warden. The man hired numerous thugs for guards, and gave a good old boy system "wink, wink" to the guards who "beat the inmates who needed it."

This entire reign of terror ended after an inmate was beaten to death while in the restraint chair. The video showed the man get slammed into the chair, strapped in, pepper sprayed, and hooded with the spit hood. Then each inmate proceeded to either punch/kick, strike with a baton, or use a tazer on the poor victim. The coroner determined what happened and the federal justice department filed criminal charges against a bunch of "officers." I believe 18 of them either resigned, plead guilty, or plea bargained to lesser charges. Only one or two were convicted of the worst charges, and they happened to be the ringleaders. The only lack of justice is that the assistant warden was never charged, he did end up resigning and no longer works in law enforcement. This entire debacle cost the sitting sheriff his seat in the next election.

The man who took his place almost immediately increased the pay for guards, increased hiring standards, and began the process of fixing all of the code violations that had been ignored for years. The county commission thought he was "spending too much money" and fought him non stop. Apparently they don't think anything of having the justice department look over your shoulder for years. I only hope that the sheriff gets re-elected and can continue to fix the problems in the county. I do not want the county to look like "Sheriff Joe" and his "tent city."

Should anyone want to read what happened, the events in question were from Harrison County Mississippi, during February 2006. The sheriffs name was George Payne. I do know it is against the rules to read the article/story/research/etc. but it is an interesting read.