California Taking Steps To Outlaw WiFi Piggybacking?

from the pointless dept

Thu, Aug 31st 2006 9:25am — Carlo Longino

The California legislature has passed a law requiring the manufacturers of WiFi products to put warning labels reminding users to password-protect their networks, and the state's governor is expected to sign it. While the bill doesn't outlaw piggybacking -- the practice of simply using an available, open access point -- some are wondering if this is the first step towards making it illegal, since it notes "there is disagreement as to whether it is legal for someone to use another person's WiFi connection to browse the Internet if the owner of the WiFi connection has not put a password on it". Securing on open access point isn't too difficult, and the Wi-Fi Alliance is introducing a new program to make the use of Wireless Protected Access even easier to implement -- so if someone doesn't want people to access their network, it's not too hard to keep them from doing so. There's little ethical concern about using an open access point, and a lack of security is typically understood to represent tacit approval that it's okay. There have been a few cases of people being arrested or prosecuted for using open WiFi, but the legality of it seems somewhat clear, particularly if the network is being accessed from public property or if the radio waves from one person's AP have traveled over to someone else's property. It's unclear, though, why California politicians see the need for a law here -- if people want don't want others accessing their WiFi, they have plenty of options with which to lock down their network, they don't need special legal protection. Furthermore, if piggybacking is outlawed, where would it leave people who actually want to share their WiFi, whether it's just an individual, or a business? Things get awfully messy there. If I want to share a network connection over WiFi, how do I communicate to others that I approve of them using my network? Physical signs aren't a perfect solution by any means. Overblown security fears shouldn't prevent people who want to share their WiFi from doing so; for those who don't plenty of means exist to limit access without inventing another crime, let alone one that would be ridiculously hard to enforce.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

45 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Aaron, 31 Aug 2006 @ 10:17am

Here's another fun twist, if you have an open access point, do you have any liability for any of the activities conducted using your access point.
[ link to this | view in chronology ]
- Anonymous Coward, 31 Aug 2006 @ 1:10pm
  
  Re:
  Here's another fun twist, if you have an open access point, do you have any liability for any of the activities conducted using your access point.
  Here's another twist: If you have an open pay phone, do you have any liability for any of the activities conducted using your pay phone?
  [ link to this | view in chronology ]
  - David, 31 Aug 2006 @ 7:35pm
    
    Re: Re: Open Payphone
    It's the same argument as prepaid mobiles. Buy it use it once and throw it away.
    
    The Telco's today have no liability for activities undertaken on their network, why should the person whom happens to share their pipe?
    [ link to this | view in chronology ]
- claire rand, 1 Sep 2006 @ 12:34am
  
  Re:
  i think this is going to be the point. if you *don't* secure your wifi it will be taken as a sign of two things.
  
  1, you don't want to, i.e. its a deliberate choice not to since its 'easy to do' and 'youve been told how' etc, thus it will make it *much* harder to say using someone elses open wifi is illegal.
  
  2, you *will* be held accountable for what happens via your wifi, since you have had an oppertunity to take control.
  
  as i see it wifi represents a huge 'security hole' for law enforcement, and totally coincidentally monitoring of internet traffic. since it leads to a dead end, you know the comms when to wifi hub 'x', but now have no clue where it went afterwards, which makes tracking peoples access that little bit harder and we all know how people in authority like to be able to monitor things.
  
  i'm actually suprised in a way wifi doesn't require a 'license to operate' effectivly meaning only compaines can use it, and making it easier to sue someone when something you don't like goes through it etc.
  
  I await the uk version of this with baited breath.
  [ link to this | view in chronology ]
Scott, 31 Aug 2006 @ 10:24am

OPen-WIfi
Use a captive portal if you are providing free access. Have them redirected to it and create a username and password, and then allow the access. If you do not want to allow access, then do not allow creation of accounts.
[ link to this | view in chronology ]
Ron (profile), 31 Aug 2006 @ 10:29am

Piggybacking
Look underneath this and I'll bet you find the fascist (new word of the day) RIAA or MPAA backing it. They have been shot down several times when they were not able to prove that downloading via an IP address accessed via an open access point really was done by the person to whom the address was assigned. By making it illegal to share IP addresses the goons have a one to one, address to person, relationship to ease the road to prosecution.
[ link to this | view in chronology ]
Chris, 31 Aug 2006 @ 10:34am

How is this binding?
"The California legislature has passed a law requiring the manufacturers of WiFi products to put warning labels..."

So far it seems everyone has glanced over this first line where the keyword "manufacturers" comes into play. They aren't saying that businesses or the home user actualy have to secure their AP's but that whoever makes the router has to warn the customer that they SHOULD. Seeing as everythings made oversees or in Mexico, how can the California legislature enforce anything they put into effect other than refusing business licences to companies operating within their jurisdiction?

Like most California laws they're completely unessecary and just supporting one more lawyers income.
[ link to this | view in chronology ]
- Mike Mixer, 31 Aug 2006 @ 2:36pm
  
  Re: How is this binding?
  I thought that was the purpose of the state of California, a testbed for new and creepier ways to make lawyers rich.
  [ link to this | view in chronology ]
Chuck, 31 Aug 2006 @ 10:34am

I live in California. They just love making laws here. Come, you too can live in the wonderful socialist state of California.
[ link to this | view in chronology ]
- Zangief, 31 Aug 2006 @ 1:19pm
  
  Re:
  In socialist California, Laws right you!
  [ link to this | view in chronology ]
brian.aspx, 31 Aug 2006 @ 10:34am

Open-Wifi
If someone wanted to share their connection they could change their SSID to something like "FREE USE" or something like that. That way people would know its meant to be open. I think if an access point is open you should have the right to use it. Its not like you have to hire a security consultant to lock it down for you. Give my grandmother a manual and she'll figure it out in a few minutes.
[ link to this | view in chronology ]
- AC, 31 Aug 2006 @ 11:13am
  
  Re: Open-Wifi
  I think "LINKSYS" is latin for "FREE USE". ;-)
  [ link to this | view in chronology ]
Thetoe, 31 Aug 2006 @ 10:39am

RE:How is this binding
"Seeing as everythings made oversees or in Mexico, how can the California legislature enforce anything they put into effect other than refusing business licences to companies operating within their jurisdiction?

California can withhold import licenses from those that are non compliant with their state law. It goes on everyday, from California EPA laws to how LCD monitors are disposed of.
[ link to this | view in chronology ]
Hacker-Geek, 31 Aug 2006 @ 10:48am

WEP? Hahaha
Any hacker worth their salt will just use airsnort or some other app to get access if they really want it.

Stupid law.
[ link to this | view in chronology ]
ConceptJunkie (profile), 31 Aug 2006 @ 10:59am

Good idea... stupid law
I think the manufacturers have been very negligent in providing products that are completely insecure by default and not making it clear that this could be a problem.

I know everybody wants stuff to "just work", but in any given residential section you can find as many as a dozen unsecured wireless networks... and I'm betting that 95% of those users have no idea what they are allowing, especially when their local networks and/or machines are also unsecured (I've seen that before).

However, like most things, this shouldn't be solved by a law because laws are usually poorly thought-out, overly broadly written and invariably have unintended consequences even if they do accomplish what they are created for, and that's not even a given.

I used to use the metaphor or "Is it OK to fill up a bucket if your neighbor leaves his hose running in the street?" A more accurate metaphor would be "Is it OK to fill up a bucket if your neighbor leaves his hose running _in your kitchen sink_?"
[ link to this | view in chronology ]
Anonymous Coward, 31 Aug 2006 @ 11:09am

This is yet another shining example of a law that should never exist. The technology to secure wireless access points has ALWAYS been around, in one form or another. People are just too stupid or ignorant to use it. Furthermore, any person with an ounce of common sense knows that piggybacking on somebody else's private wireless network is wrong. We don't need a stupid law to tell us that. Besides that, I believe there's already a law in place that has to do with accessing one's private network and/or PC without permission. Why do we need new laws for issues already covered by existing laws? More is not always better, especially when it comes to the government being in control of our lives.
[ link to this | view in chronology ]
chris (profile), 31 Aug 2006 @ 11:16am

obligatory telco conspiracy theory
it's the telco's man!!!

they're trying to outlaw free wireless with their legislation man!
[ link to this | view in chronology ]
Gerry, 31 Aug 2006 @ 11:27am

RE: California Taking Steps To Outlaw WiFi Piggyba
If you want to share your connection w/someone and its password protected....give them the password...
[ link to this | view in chronology ]
Scott, 31 Aug 2006 @ 11:29am

They already do
I have used 2 different wireless routers, both of which recommended that you go secure it. The problem is most people don't, and when they do, they can not remember the password to it.
[ link to this | view in chronology ]
Cali, 31 Aug 2006 @ 11:33am

Come on, fellow people! Share the love! WiFi points were made for sharing, man. Don't keep the love to yourself. It's all about communal [wireless] living.
[ link to this | view in chronology ]
tim, 31 Aug 2006 @ 11:37am

just name your access point "free-wifi"
[ link to this | view in chronology ]
WebManGA, 31 Aug 2006 @ 11:39am

If people can't use technology outlaw THEM.
[ link to this | view in chronology ]
G-Man, 31 Aug 2006 @ 11:57am

wi-fi responsibility
Ignorance does not give you a free ticket above the law. If you have a neighbor who likes to partake in outlawed internet activity (gambling, kiddie porn, etc.) then you are providing that portal if your wi-fi is not secure. There is no grey area when it comes to that.

Where is this kiddie-porn freak getting his media? Let's track that IP address - once they find out its your router - you are involved! Can you imagine having the cops show up to drag you away only to find out months later that it was your neighbor who was stealing access to your wi-fi --- and 20 minutes after you were carted off in the paddy wagon - they ditched their NIC and left the state!
[ link to this | view in chronology ]
- Anonymous Coward, 31 Aug 2006 @ 1:02pm
  
  Re: wi-fi responsibility
  There is no grey area when it comes to that.
  I don't know where you are talking about, but in the U.S. a person is generally not responsible for another person's actions that they are completely unaware of.
  [ link to this | view in chronology ]
  - G-Man, 31 Aug 2006 @ 7:41pm
    
    Re: Re: wi-fi responsibility
    Try re-reading my first reply to the post - then imagine that the first thing the e-cops find is your IP address - time and time again surfing kiddie porn sites...chatting with "teens". Of course they come after you first. How would anyone ever figure it was "someone else" until the investigation - the scouring of the hard drive - the questioning...the distraught family?
    
    its not worth it. not saying ultimately the person sharing would be guilty - but they are providing the resource for the law being broken. do i believe they should be guilty? - no - generally because most of the public is ignorant when it comes to the out of the box wireless solution. hook it up...I'm in!!!
    
    Hah - and to one of the "anonymous cowards" who announces the big discovery that mac addresses can be spoofed - thanks for your endless wisdom. I would estimate less than 1 % of computer users knows about MAC address spoofing...much less what it is. That is actually an interesting subject - but is for another conversation.
    
    As far as the law - its weak. They just stick a tag on the router/ap like the tag on the hair dryer or tag on the bedroom pillow. the big square that used to be around your "55" on american made cars (check me on that - i know it was on some of them!) - the warning is there - but it is weak. this is just a CYA law. this is to prevent some Joe Schmoe from getting hacked/shared/etc and then trying to sue the manufacturer - unfortunately, another common American trait.
    
    I say lay off the lawmakers on this one - except for the fact that it is keeping their minds off of more important issues. ...and if they can make the companies include software/better instructions on how to secure a wireless network, that takes a bit of a chunk from some of the clients that IT Pros provide services for in their businesses. just a thought. i don't live in CA. Even if they did, I am not sure it would bother me nearly as much as some of these people who have posted.
    [ link to this | view in chronology ]
Donnie Scott, 31 Aug 2006 @ 12:04pm

Behind in technology
No wonder other countries are leaving us behind. As long as we continue to not share what will help americans communicate better and learn we will always be behind and loose our edge as in skilled fields. A law to block wifi is destructive and will cause more of a problem and cost people more money to safe guard access. If people would pull together and share to cost and expense for the service all this would go away. Its all about money...
[ link to this | view in chronology ]
weShare, 31 Aug 2006 @ 12:12pm

funny we share becase theIP providers like to price too high becase they have the monopoly here ...so what we all share so speeds vary but for basic surfin .. its great we all donate $$ to the cause .. for the IP bill and all are happy xcept the over priced providers.. lower prices=more customers..somday they may learn that .. but not likely
[ link to this | view in chronology ]
Share Share Share, 31 Aug 2006 @ 12:50pm

The Bandwidth
I work as a geek for a living. At my home I have a 100% open wireless network. I allow anyone to use my connection as long as they don't abuse it and piss me off. Its easy to ban mac addy's. I just perm ban the mac addy and that user will have to buy a new nic to try again.
[ link to this | view in chronology ]
- Anonymous Coward, 31 Aug 2006 @ 1:02pm
  
  Re: The Bandwidth
  You realize MACs can easily be spoofed right?
  [ link to this | view in chronology ]
- macchanger, 1 Sep 2006 @ 6:21am
  
  Re: The Bandwidth
  There are any number of programs to change your MAC address, although you will probably stop the average computer user.
  [ link to this | view in chronology ]
NOHC, 31 Aug 2006 @ 12:58pm

I just posted this
from my neighbor's unsecured WiFi connection, just because I could.

Nazifornia lawmakers have a real issue with thinking it's population needs to be led around, having it's hand held every step of the way.
[ link to this | view in chronology ]
Anonymous Coward, 31 Aug 2006 @ 1:02pm

if it's open, then you have the right to use it?

so if someone leaves their car parked with the keys in it, it's not stealing? now granted the owner of the car is an idiot, but it is still considerred theft.

I pay for my bandwitdh, and i expcet what i pay for. i dont need some freeloader trying to steal mine. so what do i do? i lock it up. If i wanted to open it up, i would do so, and allow people.
[ link to this | view in chronology ]
- Anonymous Coward, 31 Aug 2006 @ 1:48pm
  
  Re:
  so if someone leaves their car parked with the keys in it, it's not stealing? now granted the owner of the car is an idiot, but it is still considerred theft.
  Kind of like leaving a keyboard out in the open where someone can steal the shift keys off of it.
  [ link to this | view in chronology ]
Myself, 31 Aug 2006 @ 1:37pm

The universal SSID for open access
...you mean like linksyscommunitynetwork.com?

Seriously, it wouldn't be bad if these same stickers instructed people "If you wish to advertise your network for open access, put "OpenAccess" somewhere in your SSID" or something like that.

Currently, anyone taking that view will have to dig up their own ideas for what constitutes a clear marking in the SSID that access is, indeed, allowed.
[ link to this | view in chronology ]
Paul, 31 Aug 2006 @ 3:33pm

Hacker? *scoff*
"Any hacker worth their salt will just use airsnort or some other app to get access if they really want it. "

I believe you meant to say "Any script kiddie with a bootable linux cd"
[ link to this | view in chronology ]
Paul, 31 Aug 2006 @ 3:44pm

More bad analogies!
"so if someone leaves their car parked with the keys in it, it's not stealing? now granted the owner of the car is an idiot, but it is still considerred theft. "

It is more like if someone's nice big screen TV is viewable from their front yard window and you just sit there watching it through their window. If they really cared about privacy they could close their blinds or relocate the TV.

However this is only 80% accurate since bandwidth is a limited resource.

Here's another half-assed analogy for you:
Using someone's wireless would be like using their hose. Their house might have a water meter or they might pay a flat rate (cost per gb xfer vs unlimited xfer per month), however they only get a certain ammount of water pressure (bandwidth speed) so when you use their hose you are making their faucets and sprinklers etc less powerful, and they don't have full access to their water.
Some people might not mind a random jogger comming up and getting a drink from their hose, just as they might not mind a lost traveler looking up mapquest briefly.
[ link to this | view in chronology ]
Anonymous Coward, 31 Aug 2006 @ 4:19pm

a sticker is worthless... in the phishing days of aol there were still stupid ass people who would give you their credit card without question even after they put the "never give your personal information out to anyone, aol will never contact you through im" ... if people are that stupid, do you think they're going to take heed to a sticker that says they should secure their wireless router?
[ link to this | view in chronology ]
David, 31 Aug 2006 @ 6:23pm

Law and buddies
Law: you have to know who is accessing what from which physical address. Some of you say that this is essential to be able to prosecute abusers of internet access (kiddie porn etc). Q: what about city wide wifi (municipal networks) then?

Buddies: The buddies of the state are business, this means the ISP's who don't want to see their revenue impacted because some of us are sharing our expensive pipes, everyon shared is one lost. This also means the Telco's who at some point, if not now, will start to feel the pinch of VoIP (Skype et al) so they want to ride the cash cow a bit longer and would love the squash the proliferation of free (in this case) WiFi (that's what Net Neutrality is all about).

At the end of the day politicians will always go where the campaign funds come from won't they??
[ link to this | view in chronology ]
G-Man, 1 Sep 2006 @ 6:57am

wi-fi responsibility
Are you indicating that all people are going to automatically come up with the "my MAC address was spoofed" claim? I doubt it. As I stated before - a small percentage of the population even knows about this.

I still think you are taking the MAC address spoofing into a conversation it does not belong in right now. After all - if you do not share your wi-fi connection - you won't have to worry about your MAC address being spoofed now will you?
[ link to this | view in chronology ]
David, 3 Sep 2006 @ 6:04pm

License for Wifi?
Claire raises an interesting point, maybe there should be some layer that allows individuals to get out of the 2.4 GHz public (read unlicensed) spectrum. But would the individual really want to get involved in an auction for a frequency when the structures are already in place to add a level of security should the law actually go through.
[ link to this | view in chronology ]
Mike, 3 Sep 2006 @ 11:36pm

Hacker? LYNKSYS = Free wifi
I agree with the comment that the ssid "LYNKSYS" means free wifi. There are also many people who change the ssid but never use encryption.

About the hacker comment...WEP encyption = childsplay. WPA a little tougher but still do able. =/
[ link to this | view in chronology ]
get a life. surf free., 4 Sep 2006 @ 2:27pm

lynksys so totally means free wifi. that's just the way of the world, now. who the heck in their right mind is NOT going to use a wireless signal once the little icon on their lappy glows green. helloooo!
[ link to this | view in chronology ]
G-Man, 4 Sep 2006 @ 7:05pm

re: Hacker? LINKSYS = Free wifi
Mike - good point - but again, most of the public does not understand how to break that encryption - no matter how easy it may be for you and me.

Also - I am curious about anyone's take on "reverse hacking" - being set up - neighbor opens up a "LINKSYS" SSID and you surf and use the free resource. This, of course, is another discussion about a very small percentage of wifi users and their actual abilities - but it is one reason why I keep my laptop connected only to networks I know.

Sounds like we have a ton of freeloaders here. "Take advantage of your neighbor as long as you can." I guess that is the new American way, eh?
[ link to this | view in chronology ]
newest jordan shoes, 9 Nov 2010 @ 12:58am

newest jordan shoes
I dont know what to say. This blog is fantastic. Thats not really a really huge statement, but its all I could come up with after reading this.
[ link to this | view in chronology ]
beats by dr dre, 15 Nov 2011 @ 6:50pm

beats by dr dre
So wonderful, I like it very much, I will come back again.
[ link to this | view in chronology ]