Security Firm Sophos Calls WiFi Piggybacking 'Stealing'

from the mischaracterizations dept

It should come as no surprise that a security firm, in this case Sophos, is casting the act of using a neighbor's unsecured Wi-Fi access point as a crime. The bigger the threat, the more money there is for security solution vendors and consultants. In the latest research, Sophos found that 54% of wireless users surveyed had "stolen" access at one time or another. The report then frames these casual users as thieves by lumping them in with the epithet "cybercriminals". Techdirt's position has been steady: If a hosting Wi-Fi owner transmits a signal into your property or public area, and that signal proactively announces an SSID which functions like an invite, yet the host has left the network unlocked, then the host's DHCP server actively accommodates the guest and offers an IP address for them to use... then why would any casual user suppose the host's intention is not to share that Wi-Fi? Certainly the host's actions indicate an intent to share. There is no lock breached, there is no violation of private property. There is no trespass. But forget these technical arguments, let's look at the Sophos data: a 54% majority of Wi-Fi users have shared someone's Wi-Fi (and I'd say more have but weren't aware). Are the majority of people really cybercriminals? Also, if victims need to be told that they were "robbed" by Sophos research and a press release, and sensationalist news stories, just how victimized were they? Yes, there are real risks to offering an open AP, so we advise most people to lock down their Wi-Fi. That doesn't make criminals of cybervisitors.

Obviously, the situation can be very different if just a few parameters are changed:
  • If ANY kind of hack or bypass is needed to get through some form of security, then the innocence of the visitor is highly dubious. Even the easily hacked WEP is 100% functional as a signal that the host does not want "visitors".
  • Any kind of viewing, or messing around inside the host's LAN, PCs, and other equipment is illegal through existing laws. Doing so is no longer a victimless activity.
What do Techdirters do? We would advise turning on some form of security for most people out there. It's damned easy, so check your manual. But, calling people who use open WiFi criminals is just wrong.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: free-riding, security, wifi
Companies: sophos


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Brad, 14 Dec 2007 @ 5:59pm

    Separate VLAN

    I have a separate VLAN that I leave open. The speed is throttled pretty far back, but I figure sometimes my neighbors need internet and theirs is down, or some passerby needs to check their email. I don't see a bunch of hackers camped out on my lawn "stealing" my internet while I sleep.

    Not since I installed the automated turrets and minefield, anyway.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Dec 2007 @ 2:01pm

      Re: Separate VLAN

      Haha, wow that's damn nice of you. The turrets and minefield are a good deterrent as well.

      link to this | view in chronology ]

  • identicon
    teknosapien, 14 Dec 2007 @ 6:39pm

    Packets should be allowed to roam freely

    I leave my WAP open and separate home lan via a FreeBSD box I hand out IP addresses on one interface and restrick the internal network via another range and MAC add. there have been many a night lost in an unfamiliar area that I wished some one had left access open so I could find my way home

    link to this | view in chronology ]

  • identicon
    whitey, 14 Dec 2007 @ 7:18pm

    STEALING????

    Ok first regarding Sophos, is there such a lack of real security issues that they have to resort to finding the absurd to "patrol"?

    Second, By their "definition" of "theft" being using a un-secured signal, and "belonging" to the person which paid for it; Then (by their definition) Listening to radio that is playing somewhere besides on the radio YOU paid for, is a crime and we should all report immeadately to our local police departments, and turn ourselves in. (the beach, a car going by, a bar, a friends house, the grocery store, on hold to Sophos) I mean, the radio signal you hear is being played on a radio you DIDN'T PAY FOR! Not to mention, these mediums BOTH pay for their operating expenses and then PROFIT in the same manner, advertising! When you use a Wi-FI signal (the signal in question may just have invaded your private living space for you to "use" in the first place, but that is a separate argument) you are subject to the same advertising as the person for which it was directed, same as radio. If SOPHOS, or anyone else for that matter, cares so much about air waves and who paid for what, then CB's, radio signals, T.V. air signals, sound waves, light beams, birds traveling, bugs and anything else that uses the air to travel, MUST pay the rightfull owner their due, only god or mother nature, intended this to be free and unrestricted travel, and plus, they don't accept credit cards :(

    link to this | view in chronology ]

  • identicon
    Urza, 14 Dec 2007 @ 7:21pm

    Yup.

    I leave my wifi wide open. Not that it matters...I can barely get a signal two rooms away, let alone out on the street. But I do it for three reasons:
    1) I live in the middle of nowhere pretty much. Who's gonna steal my wifi?
    2) It's easier for me...I don't have to keep typing in the damn WAP key.
    3) Why the hell should I care if someone else wants to use my wifi? My computers are well enough locked down that it doesn't matter to me who's on my network.

    link to this | view in chronology ]

    • identicon
      Matt, 15 Dec 2007 @ 7:25pm

      Re: Yup.

      umm... it's WEP, not WAP, and you can save the key and only have to input it once.

      link to this | view in chronology ]

  • identicon
    Sleeping Dog, 14 Dec 2007 @ 7:22pm

    WiFi Piggybacking 'Stealing'

    Look at the bright side, they didn't call piggybackers terrorists.

    link to this | view in chronology ]

  • identicon
    zeroJJ, 14 Dec 2007 @ 7:37pm

    any HAMs on here that actually understand this iss

    I agree with TD that there are extremely absurd reactions and overreactions to WiFi insecurity: we both agree that shooting the casual freeloader does nothing to fix the overarching problem - insecure wireless systems caused by a combination of careless wifi vendors, a generally uneducated consuming public, and equally clueless law enforcement and legislation.

    What I have to disagree with is the incorrect classification of WiFi as "broadcast"-type signals. The simply cannot be classified in the same category as TV, radio, and flashlights. WiFi, cellular, etc are all TWO-WAY mediums. In order to even get an IP address from the system in question, you must have a TWO-WAY radio conversation with the Access Point station in question. You simply cannot do anything besides passively "eavesdrop" on wifi without transmitting a signal back to the AP. This whole return transmission path is an ACTIVE engagement of the AP.


    Please, please, please stop comparing wifi usage to passive interception of a broadcast, as it is not. This fallacious argument confuses the real issues at hand with wifi laws and security in general.

    Do focus on how that if no steps are taken to:
    1. secure with a password, mac filter, or some other method,
    2. announce that the system is only meant for authorized users (i.e., paying customers) via splash page, etc,
    3. otherwise limit undesired access,

    then it must be assumed that the system is "public"

    link to this | view in chronology ]

    • identicon
      Trespassing, 15 Dec 2007 @ 6:50am

      Re: any HAMs on here that actually understand this

      The argument that because I 'broadcasted' my wifi signal is an implicit invitation to use it without my explicit permission is simply wrong. Is it theft? Maybe, but I think you could more accurately describe it as trespass. Your signal is using my router, my ISP connection and other equipment - that's use of property without the owners permission and that is trespassing.

      I don't have to have a ten foot fence covered with no trespassing signs to have legal standing to accuse you of trespassing if you are caught sitting on my back porch swing. However, if I fail to put up the fence and signs I shouldn't be surprised if I am taken advantage of by those who have no respect for personal property.

      But, regardless of my carelessness to protect my property doesn't mean I can't have you arrested if I catch you trespassing.

      link to this | view in chronology ]

      • identicon
        ehrichweiss, 15 Dec 2007 @ 7:11am

        Re: Re: any HAMs on here that actually understand

        "I don't have to have a ten foot fence covered with no trespassing signs to have legal standing to accuse you of trespassing if you are caught sitting on my back porch swing."

        Better check your laws because that's not the case in most states. I had a guy open my car door on my property and start going through my stuff. When the cops arrived(after he left) they told me I couldn't do ANYTHING to him because I didn't have signs posted for no trespassing and it was my word against his regarding whether he was in the car.

        link to this | view in chronology ]

        • identicon
          Barry Wolk, 16 Dec 2007 @ 2:03pm

          Re: Re: Re: any HAMs on here that actually underst

          The guy going through your car on your property was absolutely committing burglary and most juries in the USA would be happy to put him in prison. So contact the prosecutor in your area and report the cops, and their reaction to your law abiding request to them. The fact that they said you needed no tresspassing signs is absurd. Does your Mom need to carry a 'Please Do Not Rape Me' sign to protect herself?? Bust 'em!!

          link to this | view in chronology ]

      • identicon
        ehrichweiss, 15 Dec 2007 @ 7:53am

        Re: Re: any HAMs on here that actually understand

        Oh, btw, those "no trespassing" signs are also required on your network as well. If you think that's a lie then what stops me from setting up a web page and then having everyone arrested who accesses it "illegally"? The law requires some form of sign, like authentication for computers.

        link to this | view in chronology ]

    • identicon
      ehrichweiss, 15 Dec 2007 @ 7:07am

      Re: any HAMs on here that actually understand this

      "Please, please, please stop comparing wifi usage to passive interception of a broadcast, as it is not. This fallacious argument confuses the real issues at hand with wifi laws and security in general."

      The FCC doesn't distinguish between a two-way communication and a standard broadcast in the law itself. If you have the right to broadcast on a band and you receive an unencrypted signal on that band, you have full rights to send a response. Period.

      This arguement is used because we have to deal with the signal itself and not the "active communication"(that is strangely not-so-active for the humans in the picture if you didn't notice). Someone invariably brings up that it's "their signal" and that others don't have the right to respond to it even if it's not encrypted. That's like saying that you can talk on a CB(a public band) and other members of the public can't respond. It doesn't work that way because it's a public band.

      link to this | view in chronology ]

    • identicon
      Johnny, 16 Dec 2007 @ 11:27am

      Re: any HAMs on here that actually understand this

      You fail to miss the part where this all starts out with a OPTIONAL broadcast to the world. Then it continues with two way broadcasts but they are all still broadcasts. Then you go and imply that to "passively eavesdrop" might be ok. Honestly I be more worried about the guy just listening then the one slurping some open unprotected wifi for a bit while he checks his e-mail. If anything, the person borrowing the wifi is as subject to the ap owners not doing anything shady then the average wifi visitor. If you want it secure then use the protection built in to even the crappiest devices or us a wire.

      Plain and simple. If you don't protect it and label something as important and privte then don't get your feelings all hurt when people that happen by treat your wireless with the same amount of respect of privacy that you did when set it up and shared it with everyone in reach of the signal. Because that is exactly what you did, you shared your wireless.

      link to this | view in chronology ]

      • identicon
        Rich Larson, 17 Dec 2007 @ 3:38am

        Re: Re: any HAMs on here that actually understand

        Yep, I agree Johnny, "You fail to miss the part where this all starts out with a OPTIONAL broadcast to the world."

        If you broadcast your SSID, then you are saying to the world, "Hey, if I don't have a password, then you're free to come inside. If I do have a password, then go away or ask the owner of this signal if you can have access!"

        If you don't want me on your signal, then stop announcing it to the entire neighborhood! Because if my power goes out, and yours is still on, I am gonna be on your network with my laptop, and if it happens to you, then you can use mine...er, well, if you come over and ask me for the password first! ;)

        link to this | view in chronology ]

    • identicon
      Rich Larson, 17 Dec 2007 @ 3:31am

      Re: any HAMs on here that actually understand this

      I think you're completely misunderstanding the term "broadcast" as it is used in the WiFi sense. Each network has an SSID that one can chose to hide or "broadcast" to the world. If you hide it, then nobody but a hacker would even know your SSID. However, if you leave your network open then you are literally broadcasting, every so many (mili)seconds, your SSID.

      link to this | view in chronology ]

  • identicon
    Tim, 14 Dec 2007 @ 7:48pm

    Stealing?

    So your front door is open and someone walks inside and says hello? Isn't that the essence of an AP that's not secure?

    link to this | view in chronology ]

    • identicon
      Anonymous, 14 Dec 2007 @ 8:13pm

      Re: Stealing?

      Yes. Using someone else's wireless connection without asking is stealing. You didn't pay for it, you were not granted permission, and probably you are not telling the owner about it, so yes, you are a criminal. You are a casual criminal, but a criminal none the less.

      Here we have a problem with the culture of the so called "hacker", especially these pathetic specimens who piggyback people's connections for fun. Oh sure, it's totally acceptable to use someone's access because they didn't bother to secure it properly. Fuck you. Most people don't know who to do these things, and they will never understand things like WEP or WPA. That doesn't mean they're stupid, it doesn't mean they're lazy, and it doesn't mean they deserve to be exploited.

      "Oh but, they could take the time to learn, afterall, I did". I can just hear the nerd saying it. Once again, fuck you. A lot of people do not have the time to learn, or don't care to. No one wants to spend they're life trying to figure out wireless security just to prevent some asshole from dropping by to steal their connection. Show some fucking decency. If you didn't ask for it, don't take it, because it's fucking stealing.

      link to this | view in chronology ]

      • identicon
        fred, 14 Dec 2007 @ 9:01pm

        Re: Re: Stealing?

        just one thing RTFM and nice of you to include a name guy

        link to this | view in chronology ]

      • identicon
        Paul`, 15 Dec 2007 @ 4:30am

        Re: Re: Stealing?

        It isn't stealing if the person has their wifi totally unlocked and reaching out of their property. As someone said before, if someone walks into your house because you have left all the doors unlocked, it's not breaking and entering.

        link to this | view in chronology ]

        • identicon
          JuarezTraveller, 15 Dec 2007 @ 4:42am

          Re: Re: Re: Stealing?

          No, it's not breaking and entering, but it is illegal entry, which is subject to the same penalty: imprisonment. You supporters of such crimes as these miss the point: It is unreasonable to assume that every individual knows everything. The mistake lies not in people's ignorance, but in your assumption that ignorance is not inevitable and that it should be punished.

          link to this | view in chronology ]

      • identicon
        ehrichweiss, 15 Dec 2007 @ 7:27am

        Re: Re: Stealing?

        "You didn't pay for it, you were not granted permission, "

        Wrong, any AP broadcasting a default SSID is not only granting permission but promiscuously asking you to join.

        "Most people don't know who to do these things, and they will never understand things like WEP or WPA. That doesn't mean they're stupid, it doesn't mean they're lazy, and it doesn't mean they deserve to be exploited."

        First of all, if you bought wireless to keep from having to plug in to e-net, you already have the lazy tag. If you did so without reading the manual, doubly so.

        A lot of people don't understand how gunpowder explodes either but are we going to treat the dumbass who looks down the barrel of a loaded gun and pulls the trigger as a *victim*!?!?

        We need REQUIRED tests for purchases of a WAP that way we can get rid of this "I'm too lazy to setup my router securely and I need a nanny state to protect me from my own stupidity" attitude that I see so prevalent. Darwin is weeping. We have drivers licenses to ostensibly keep the dumb drivers off the road so it's time for a WAP license so that people can be held accountable for their own actions.

        link to this | view in chronology ]

      • identicon
        Anonymous Coward, 15 Dec 2007 @ 10:01am

        Re: Re: Stealing?

        " . . . it doesn't mean they're lazy . . ."

        -> Yes it does. The manual that comes with the product even tells you how to do it. Hell, if you use a Linksys the setup CD tries to get you to use some form of it. There is no excuse for not learning how to use a tool. Next you'll be saying that someone who accidentally shot their neighbor shouldn't be punished because he didn't learn how to use a firearm.


        ""Oh but, they could take the time to learn, afterall, I did". I can just hear the nerd saying it. Once again, fuck you. "

        -> Ah so that's your angle. Upset that someone knows more about a subject than you, and is telling you you are wrong.


        "A lot of people do not have the time to learn, or don't care to. No one wants to spend they're life trying to figure out wireless security just to prevent some asshole from dropping by to steal their connection. Show some fucking decency. If you didn't ask for it, don't take it, because it's fucking stealing."

        -> What work? What life time? Its a one time setup. The only requirement is remembering the password in case you need to change anything. It will take only 5 - 10 minutes longer to setup your AP and you'll essentially have a put a lock on it, or some flag that your connection isn't public.

        Some people DO provide public WiFi and you can't tell the difference unless someone has some sort of security to prevent access.

        Furthermore, what of my neighbors? From my room there are 17 AP's, 4 of which are secure, 1 of them being mine. The rest are wide open and useable from MY property. Can I sue them for pollution or some such bullshit?

        You sir are an ignorant bigot. I suggest you throw out your AP and stop polluting the websites you troll like you apparently are 'polluting' your neighborhood with your open-but-you-can't-use WiFi.

        link to this | view in chronology ]

      • identicon
        Also Anon, 15 Dec 2007 @ 5:17pm

        Re: Re: Stealing?

        Quote [A lot of people do not have the time to learn, or don't care to. No one wants to spend they're life trying to figure out wireless security just to prevent some asshole from dropping by to steal their connection.]

        And a lot of people who have cars don't have the time to learn, or don't care to drive them properly, but we should let them on the road anyway?

        If you plan to use a technology, you need to learn how to use it properly.

        link to this | view in chronology ]

      • icon
        Mike (profile), 15 Dec 2007 @ 5:55pm

        Re: Re: Stealing?

        Using someone else's wireless connection without asking is stealing.

        No. Actually, this is wrong for a variety of reasons. First of all, you say "without asking," but your AP broadcast out a message saying "Connect to me!" No asking is needed, since your AP did the inviting.

        You didn't pay for it, you were not granted permission, and probably you are not telling the owner about it, so yes, you are a criminal

        According to this definition, you have stolen Techdirt.

        * You did not pay for it
        * I did not grant you permission to visit.
        * You did not tell me you were going to use it.

        Thus, according to your definition, you are a criminal. Now, you may say that I granted you permission in setting up this open web page. But what we're saying is that's the same thing as setting up an open WiFi AP. That person has granted permission.

        link to this | view in chronology ]

        • identicon
          Brian, 17 Dec 2007 @ 9:08am

          Re: Re: Re: Stealing?

          Just out of curiousity, what if I change my SSID to "Do Not Steal", "Not Public", "Private No Tresspassing" or something similar? Will all of you respect that? I've demonstrated my intentions and may have a reason.

          Also, and I'm sure there will be some sort of "it's not a tangible item" or "infinite supply" argument, but I kind of consider internet to be a utility. Would it be okay if some came along hooked up a hose to my faucet outside or plugged in an extension cord to my outside outlet? I mean I didn't specifically forbid it.

          link to this | view in chronology ]

          • identicon
            Jeremy, 17 Dec 2007 @ 12:38pm

            Re: Re: Re: Re: Stealing?

            Brian,

            The problem with just changing your SSID and not making it private is that your ap is still broadcasting and accepting connections. If (as I do with my laptop) I select auto-detect network settings and your ap broadcasts and accepts an auto-connection is that still stealing? I wouldn't have seen your SSID say keep out, because my laptop and your ap connected automatically. Are the computers then responsible for committing this "crime"? Should we prosecute Hal?

            Also, your analogy is incorrect. You have to pay for water and for electric so plugging in either a hose or extension cord would cost you more money. Using an open ap does not cost you more (unless you count your opportunity cost of having a slower network, and if you are then you should be intelligent enough to read instructions in the manual, in which case you need to be responsible for securing it). Now, if you do have a network connection that costs you more based on usage, again it is your responsibility to secure your network.

            And to anyone who says "well, its too difficult to secure a network" is either (a) too lazy or (b) shouldn't be setting up their own wireless network. If you know that your knowledge of electronics is so limited that you can not read an instruction manual and follow directions, pay Best Buy $40 to install it for you. Otherwise, don't complain when your network isn't secured and someone connects. And please don't try to counter with the "I don't have enough money to have someone install my wireless router" argument. If you have enough money for a network connection and to buy a wireless router, you should be able to afford the $40 or whatever it costs to have someone install it and secure it.

            link to this | view in chronology ]

            • identicon
              Brian, 18 Dec 2007 @ 6:51am

              Re: Re: Re: Re: Re: Stealing?

              Jeremy: As with all utilities, I have to pay for the internet also--if you and everyone else connects to my AP without permission and pushes me over my monthly bandwidth limit (and I have to pay overages), then yes, you just stole from me. If I changed my SSID to something that clearly stated my intentions, maybe you should have practiced due diligence and checked before you took instead of assuming.

              I never said I didn't understand or didn't have the technical knowledge--don't insult my intelligence by assuming that you're somehow superior--I'm asking a question and found exactly what I expected: you freeloaders always have an answer for everything. You want everything to be free *for you*--everything's good so long as someone else is paying. I find it amusing and sad that so many of you are so willing to take advantage of people ("They should have been smarter"?)--it's a sad state of affairs. How about common decency?

              link to this | view in chronology ]

      • identicon
        Tony, 15 Dec 2007 @ 6:10pm

        Re: Re: Stealing?

        uh so then when I take a penny from the jar that says take one leave one, that would be stealing? By broadcasting an ssid and a nonsecured AP that is an invitation. It is simple to turn off the broadcast.

        link to this | view in chronology ]

        • identicon
          Captain Nemo, 16 Dec 2007 @ 6:31pm

          Re: Re: Re: Stealing?

          The jar is telling you to take a penny, just like the router is telling you to join the network. It isn't criminal either way. :-D

          link to this | view in chronology ]

      • identicon
        Johnny, 16 Dec 2007 @ 11:32am

        Re: Re: Stealing?

        link to this | view in chronology ]

      • identicon
        Johnny, 16 Dec 2007 @ 11:42am

        Re: Re: Stealing?

        This is a stupid argument. First read the manual. Everything you buy comes with one and it seems you are the guy that needs them.

        Now that you've read you manuals let's put your pathetic logic to work. For this we'll all have to imagine you finding a girl and you then have kids. Now send you daughter out clubbing with her home phone number and perhaps her home address both printed on the shirt. She doesn't need to print call me on it. Just the details of how to connect. Only people that get close enough to read the shirt will get the number but I'll bet she gets plenty of calls. Who's fault is it if some of these calls or comments that night aren't favorable? Your fault. The t-shirt printer's fault? Your daughter? The people that let her into the club? Maybe all or some of these could have helped along the way but it isn't going to be the callers fault. Not by a long shot.

        link to this | view in chronology ]

      • identicon
        Lew, 16 Dec 2007 @ 3:59pm

        Re: Re: Stealing?

        I am soooo glad you don't have hostility issues, Anonymous. Even so, you might want to clean up the expletives. It's not a sign of intelligence. To the contrary, the 13 year old language undermines any real point you might have otherwise made.

        link to this | view in chronology ]

      • identicon
        Anonymous Coward, 17 Dec 2007 @ 1:30am

        Re: Re: Stealing?

        Sounds like somebody is being a baby.

        link to this | view in chronology ]

      • identicon
        Anonymous, 24 Dec 2007 @ 11:37am

        Re: Re: Stealing?

        If you don't care to learn to secure your AP you should either pay someone to or use a wire. Using any technology without having a professional set it up or being competent with that technology is just foolish.

        It is a simple matter to secure an AP. A simple Google search or RTFM and 5 minutes is all it takes. It's pretty much a one time intellectual investment and does not require any deeper knowledge of networking or computing.

        You might not take the time to learn to fix the engine of your new car but you would take the time to learn to use the functions of your new car would you not?

        link to this | view in chronology ]

      • identicon
        Anonymous Coward, 8 Apr 2008 @ 11:49pm

        Re: Re: Stealing?

        Keep your signal off my property, or secure it.
        First, you are using up bandwidth that is public property, not just using up bandwidth on your own property, but on everybody's property in range of your excessively powered wifi. If it goes over the boundaries of the property that you are using it on then it is obviously emitting a more powerful signal than needed. And possibly interfering with others networks.
        Second, it is the law in many places, that if you have a tree that crosses onto your neighbors property the part which is over your neighbors property is your neighbors, not yours. They may pick the fruit of the tree that is hanging over the property line, they may prune it back, if the trunk crosses the property line they may even carve away every last piece of it on their property EVEN if that kills the tree which you planted.
        Getting upset with a neighbor using TOTALLY UNSECURED wifi is like going on vacation and instead of stopping your newspaper you tell the paperboy to send it to your neighbors house, without telling your neighbor, then getting mad when you come back and found that your neighbor had read your paper.
        Third, with the number of free and public wifi hotspots around put up INTENTIONALLY by private people, businesses, and by public agencies who realize, correctly, that their facilities are owned by the public and should be available for public use as long as it does not interfere with their core mission.

        For these reasons, I believe it should be the duty of the wireless network owner to secure their network if they do not wish for it to be used by any who can connect to it once it leaves their property. I do not care if turning on security is easy or difficult it should be the responsibility of the network owner to do so if they are going to broadcast off of their property.

        link to this | view in chronology ]

    • identicon
      Krayol, 15 Dec 2007 @ 9:24am

      Re: Stealing?

      It's more like leaving a note outside your house telling everyone who passes that there are goodies inside (cookies and a coffee, not jewels!); wecloming people in and showing them around; offering them a snack and letting them use the toilet; politely waiting for them to leave and then calling the police.

      (You can just imagine the police reaction, can't you? Quite right too!)

      link to this | view in chronology ]

    • identicon
      gee, 15 Dec 2007 @ 1:27pm

      Re: Stealing?

      NO

      If I walked on to their property to use their wifi it would be the same thing. If their signal goes into my home I'm going to use it.

      So to use a similar analogy to yours, if their door extends on to my property and they leave it open I will walk in and say hello

      link to this | view in chronology ]

  • identicon
    zcat, 14 Dec 2007 @ 8:29pm

    laws

    I've always though that laws were supposed to reflect what society considered 'acceptable behavior'. If more than half of the population thinks it's acceptable to steal/leach/piggyback open wifi, any law against it is probably due for some serious reconsideration.

    The same logic probably also applies to sharing mp3's, circumventing digital media restrictions restrictions, etc...

    link to this | view in chronology ]

  • identicon
    Alfred E. Neuman, 14 Dec 2007 @ 8:41pm

    Next thing ya know

    They will be calling it "making available".

    link to this | view in chronology ]

  • identicon
    Anonymous, 14 Dec 2007 @ 9:00pm

    check out the demo to see somthing scare about wirless security
    http://www.offensive-security.com/

    link to this | view in chronology ]

  • identicon
    zcat, 14 Dec 2007 @ 9:07pm

    "without permission"

    "without permission" is rather an interesting statement.

    I have permission from the government to transmit and receive digital signals on the 2.4GHz spectrum, as long as those signals comply with certain technical restrictions.

    YOUR access point is broadcasting a "Free WIFI available here!" announcement on those frequencies about 20 times a second iirc. You could turn that off, but you have not.

    I transmit a reply asking to use your connection, and YOUR access point replies giving me all the information I need to make that connection. You could turn that off, but you have not. At no point has your access point even hinted that it isn't intended for public access.

    It would be trivially easy for you to 'deny' permission at any point, in any number of ways. Turn off SSID broadcasting; filter unknown MAC addresses; require a WEP or WPA key and I would accept that the access point is 'no longer public' -- but you haven't done any of those things.

    Car analogy. Your car is not merely unlocked with the keys in the ignition; that would still not imply that it's OK to borrow it. Your car it unlocked with the keys in the ignition, on the roadside, with a flashing neon sign on the roof that reads "Free public transport"

    link to this | view in chronology ]

    • identicon
      ted, 16 Dec 2007 @ 8:30am

      Re: #14, "Without Permission"

      Also, people with open WIFI don't necessarily advertise their contact info, so it's pretty hard to ask permission. If I leave my WIFI open, I don't want people calling to ask - I want them to use (but not abuse) it. If a lot of bandwidth is being drained I'll shut it off.

      Difficulty "Learning" to make it secure is not an effective argument. If asks you if you want it secure when you set it up. If you are smart enough to get the thing running you are smart enough to make it secure.

      The door unlocked analogy misses also. It's a door open analogy. An unlocked door is not an invitation - a wide open door is. When your neighbor show up in your kitchen for a visit are you going to claim trespass if your door was wide open?

      link to this | view in chronology ]

  • identicon
    Low level micro wave transmissions, 14 Dec 2007 @ 11:11pm

    Can I sue a wifi operator for beaming low level microwave transmissions into my apartment ? Causing abnormal brain activity and mild hallucinations ?

    link to this | view in chronology ]

  • identicon
    Patrick Phelan, 15 Dec 2007 @ 1:39am

    Re: Re: Stealing?

    With so many ways to easily block access to your AP it's really hard to say that any simple use of an open AP is criminal. As mentioned before it's nice to be able to check your e-mail or something else real quick while you're about. There are HaX0rz (children who can't actually hack and failed any and all grammar and English classes) who leech off of their uneducated neighbor's connection a good 8 hours a day to whet their WoW appetites. And that I would legitimately consider stealing and ethically wrong.

    But we can't criminalize all open AP usage. As for the uneducated not being capable of blocking their WiFI AP I can only say 'too bad.' If they really care enough about their AP they can spend a few minutes to set up a simple WEP lock. And if they don't care enough to do that, well, they quite simply Do Not Care. The owner of the WiFi has to have a bit of responsibility of their own, it's clearly printed in their operating manuals how to set up some simple AP locks. After all the only excuse for ignorance is apathy itself. I understand that people may not have the time to figure out how to protect their AP, but again it does not take that much time; and for those who do not care enough to take that time, again, Do Not Care enough about others accessing their open AP to take that time.

    And for future argument's sake don't attack others with offensive language. It really does not help to get your point across and only makes it weaker.

    link to this | view in chronology ]

  • identicon
    ulle, 15 Dec 2007 @ 2:40am

    I have noticed a sad trend lately, the excuse "I do not have time" seems to be becoming an acceptable excuse for more and more problems. While I can understand some people do have a very full schedual either with school or a high pressure job, we still need to put all this into perspective. Installing a new router nowadays takes maybe 5 minutes for someone not tech minded, setting up security is part of that 5 minute operation, the actual installation is explained step by step when you run the installation CD using rather simple English that would be easily understood by any person with a basic reading skill level (English is my primary language so I cannot vouch for other languages) so from my perspective if a person has the time to hookup the router they therefore have te time to setup at least basic security. Just my 2 cents.

    link to this | view in chronology ]

    • identicon
      ehrichweiss, 15 Dec 2007 @ 7:39am

      Re:

      I've stated repeatedly in the past that this exact attitude you speak of is likely going to propel us to the point that a test or license will be required to buy/use any wireless networking equipment because the user is too lazy to do the proper setup AND is more than willing to play the part of a victim when their shiny new "gun" blows up right in their face. In short, our society has lost all sense of personal responsibility; sure we play the blame game and hold OTHERS responsible for their actions but heaven forbid that we look at ourselves through those same glasses.

      link to this | view in chronology ]

  • identicon
    JuarezTraveller, 15 Dec 2007 @ 4:32am

    Finally! A Techdirt Mistake!

    According to your hypothosis, my Grandma, who unknowingly let her antivirus subscription expire, "invited" those those trojans that crashed her machine.

    Your viewpoint suffers from the same fundamental error as all libertarian ideologies: Assuming that the public has perfect knowledge is crazy and leads to erroneous conclusions. Just because someone buys a wireless box doesn't mean they know how to use it. In innocent ignorance, they may turn on their box to their detrement. And since the time has long passed (with Ben Franklin) that any human being could possess all current knowledge, it is unreasonable to expect people to know that the box comes to them in an unsecured state.

    link to this | view in chronology ]

    • identicon
      Just Anonymous, 15 Dec 2007 @ 6:12am

      Re: Finally! A Techdirt Mistake!

      If you bought the box, it came with a manual. And like it was just said, setting up the router with security takes only 5 minutes.

      And people, stop with the stupid analogies. You're not seriously comparing someone who's just casually using the the WiFi connection for their own casual use to trogans that are actively seeking to do harm.

      There's no justifiable reason for anyone that owns a wireless router or other access point to not have it set up according to their needs. They can read the step by step instructions or call tech support or whatever.

      This may be a case where "stealing" your neighbor's bandwidth may be considered morally wrong, depending on just how much of it you're taking; but from an ethical standpoint, no harm is being done, you aren't even running up any bills, and you're still within your own property.

      This can't be criminalized. Sure, any malicious access to the network or actual harm is still a crime, but the grand majority of people that "shared" WiFi weren't doing that in the first place.

      link to this | view in chronology ]

      • icon
        Peet McKimmie (profile), 15 Dec 2007 @ 7:05am

        Re: Re: Finally! A Techdirt Mistake!

        The reason for the majority of "unintentionally" unsecured wifi isn't stupidity or apathy; it's uncertainty.

        When your granny connects to her router for the first time, she's so happy to have a connection of any sort at all that she'll stop there rather than risk losing the connection again by fiddling with any of that "security" mumbo-jumbo. That way they can brag to their friends that they set the system up themselves without having to ask their grandchildren for help.

        Again, the only solution to this lies in the hands of the companies who make the wi-fi routers. They should amend their installers in such a way that they demand a WPA key by default, and only after that is set up should they allow access to a control panel that gives the option to reduce the security settings, complete with stern warnings about why you might not want to do that.

        That way, people who want to leave their connection open will still be able to do so, and those seeing an open connection would have a reasonable expectation that it was a deliberate invitation to use it.

        link to this | view in chronology ]

        • identicon
          Krayol, 15 Dec 2007 @ 9:31am

          Re: Re: Re: Finally! A Techdirt Mistake!

          I got a new wireless router recently. It came preconfigured for WEP - all I had to do was type in the supplied unique key and I was on. It would have taken more effort to make it insecure! :)

          Of course, I did spend the extra hour learning about security; and then 10 minutes reconfiguring for WPA2/WPA-PSK. It's not rocket science, but the WEP would probably have been adequate!

          link to this | view in chronology ]

    • identicon
      Anonymous Coward, 15 Dec 2007 @ 10:11am

      Re: Finally! A Techdirt Mistake!

      "According to your hypothosis, my Grandma, who unknowingly let her antivirus subscription expire, "invited" those those trojans that crashed her machine."

      -> That's a bit different. Malicious intent is a key focal point of most laws. Hell for some its required to be proven. Someone using anything maliciously, and you can prove it, is guilty of a crime. Severity depends on the action.

      BTW that's another thing that takes less than 5 minutes to setup, logging.

      link to this | view in chronology ]

    • identicon
      Johnny, 16 Dec 2007 @ 10:57am

      Re: Finally! A Techdirt Mistake!

      This is not even similar. Your grandma not reading the perhaps hundred(s) of warnings that pop-up when AV software expires and then falling prey to the intentional exploitation of her machine by those writing and spreading the worm/trojan/virus is nothing similar to this. I can't even imagine the relationship outside of both situations using computers and the internet. Pay closer attention Traveler.

      link to this | view in chronology ]

    • icon
      Mike (profile), 16 Dec 2007 @ 12:29pm

      Re: Finally! A Techdirt Mistake!

      According to your hypothosis, my Grandma, who unknowingly let her antivirus subscription expire, "invited" those those trojans that crashed her machine.

      That's quite a different situation. For trojans to get onto her computer, something surreptitious had to have been done. That's quite different than setting up an AP that says "Everyone's free to use me!"

      Also, we clearly note in the story that if *any* kind of hack or bypass is needed, then it's not acceptable. To get a trojan on a machine you are clearly bypassing some security.


      Your viewpoint suffers from the same fundamental error as all libertarian ideologies: Assuming that the public has perfect knowledge is crazy and leads to erroneous conclusions


      We assume no such thing... and I'd argue that I've yet to meet a libertarian (outside of the Randian wing) that believes such a thing.

      Just because someone buys a wireless box doesn't mean they know how to use it. In innocent ignorance,

      We're not assuming that any owner of a wireless AP knows how to use it. We're just saying that if an AP is set up with permissions granted, permission is granted. No crime is committed. It's that simple. You seem to ascribe to us some strawman beliefs in an attempt to knock them down.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2007 @ 6:14am

    Mike didn't make this one? Wow. I was beginning to think he purchased Techdirt or something.

    link to this | view in chronology ]

  • identicon
    kneeL, 15 Dec 2007 @ 6:44am

    If i need internet in a pinch, and its around, I am going to get it. Think most of us are the same way. I have homebrew apps on my Nintendo DS and Tmobile SDA that map and remember open wireless points as I walk/drive, so that it can be online anytime i am in the area of an open wirelss

    link to this | view in chronology ]

  • identicon
    Public Parking, 15 Dec 2007 @ 7:01am

    All of this reminds me of the man who owned the house next to me in down town Washington, DC.

    Nobody had a drive or garage so the only parking was on the street. And the street was PUBLIC property.

    Yet, because the parking space on the street was in front of his house he believed it to be HIS. I parked there once and he came to my door and read me the riot act. Ass hole.

    My point is, the air waves are PUBLIC property. If you are broadcasting on PUBLIC airwaves, without a license, and make no effort to secure your transmission. You can have NO expection of ownership.

    link to this | view in chronology ]

  • identicon
    glitch, 15 Dec 2007 @ 7:05am

    wow...the US gov is slipping !! and losing money

    and the states are too...they need to pass a law requiring a license to use wifi and make users provide proof of training

    maybe they arent criminals, but the least is they should be called scum...bottom feeders...whatever

    i passed on 2 free wireless routers this year:
    1 from vonage [i opted for wired] and another from Verizon

    i only keep the router for its firewall and have been using a free anti-virus prog for years..i have a very tight and secure system for no yearly cost

    link to this | view in chronology ]

  • identicon
    Public Parking, 15 Dec 2007 @ 7:14am

    Exactly echrichweiss,

    Hams position is that of the man next door to me saying I was "stealing" his parking space, because it was in front of his house, when in fact it was a public street.

    link to this | view in chronology ]

  • identicon
    glitch, 15 Dec 2007 @ 7:49am

    dont use "public parking"

    it only works in theory

    there is no on-street parking on my side

    my landlord paved the front yard for the buildings dumpster and a parking space for me [tenant]

    it is posted, private parking..can be towed

    but it isnt private and the threat is worthless

    i cant just call a tow truck and have a vehicle removed, i have to call the police first.

    i can say someone is stealing my parking space and have no recourse.also, i would have to pay to have a vehicle towed myself, and have no means to recoup the fee.

    link to this | view in chronology ]

    • identicon
      ehrichweiss, 15 Dec 2007 @ 8:05am

      Re: dont use "public parking"

      You've confused me here. Did your landlord create you a spot on his property, or is it just a sign on the street? If it's on his property, that sign *does* work and you can have cars towed at the owner's expense.


      BTW, I can't see that your story here has any bearing on the analogy Public Parking asserted nor does it have anything to do with this story.

      link to this | view in chronology ]

      • identicon
        wha?, 15 Dec 2007 @ 5:31pm

        Re: Re: dont use "public parking"

        Unfortunately, in most locations, you have to call the Landlord and have him call the Police. Tow operators will not tow a vehicle without either the Vehicle Owner's permission or the landowner's permission.

        Sorry: i know it's off topic, but I found this out the hard way living in a university town, and coming home from work at 8AM and being unable to park in my Marked Space in the parking lot.

        link to this | view in chronology ]

  • icon
    Derek Kerton (profile), 15 Dec 2007 @ 11:51am

    Follow-Up

    We have licenses for driving cars.

    We have classes for baby-care.

    We have lessons and qualifications for handling firearms.

    We have helmet laws for riding bikes.

    Ham radio users need a license to use shared spectrum, to be assured they know how to use it correctly.

    Even GMRS 2-way radios that you can buy at Costco require (by law) that you register for a license.

    Did you know that even FRS 2-way radios, that they sell in kid's watches now, require that you follow several federally mandated rules of usage? There is a lot of precedent for requiring people to understand the risks, protocols, and courtesy of using shared radio spectrum.

    Some comments here suggest that we are at the least rude and discourteous for "stealing" their Wi-Fi, but I retort that you are in fact rude and discourteous because you failed to learn the protocols of use before you started transmitting on shared radio spectrum.

    Just try keying up a CB radio in a trucking area and not following protocols, and see how welcome you are. If you spend a little time listening in and learning the correct way to use the shared spectrum, you will be welcomed. It is those that are ignorant of the protocols that are being rude, presumptuous, and wrong. This has consistently been the case in radio spectrum, and probably applies equally well in the non-tech world.

    That's why hams tend to side with us on this issue. So ignorance, apathy, etc. is not a great excuse. If you want to play, learn to use the toy.

    In the case of a Wireless AP, the training is in the form of the manual or install CD. Your Wireless AP usually defaults to inviting visitors. If you choose not to read the manual, and remain ignorant, then that does not make a criminal out of someone who accepts that invitation.

    Read comments 1 - 4. Those people choose to share their Wi-Fi, as do I (in a controlled way). How can I discern an ignorant person, who would choose not to share if only they knew how, from someone who is deliberately sharing? I can't. You need to turn on some security to signal me that I'm not welcome.

    And the bottom line is this: nobody is making anyone use a wireless router. Like a firearm, if you are too lazy, busy, important, or ignant to spend the 5 minutes turning on WEP, then get a wired router instead.

    Now here's a funny anecdote: I used to work in sewage. Yep. We cleaned pumping stations with a massive vacuum and a pressure washer. The guy down the hole in full SCUBA gear and rubber zoot suit wore a two-way FM radio that used a microphone that contacted his larynx on his throat to communicate with the crew on top. No, we were not swimming in the soup, only thigh deep, but there was a lot of spray and it wasn't pretty. The guy down the hole gave instructions to those above about where to position the big vacuum and when to pay in and out more hoses. Up top, we gave back information on how much air was left in the tank. It was pretty important not to let the air line be compromised, and to keep all hoses just right so they don't trip the guy in the hole. I worked both top and bottom depending on how the lead hand felt that day.

    One day I was on the radio topside and Bill down in the hole was giving me instructions, but he cut out and instead I was listening to a mommy changing her baby's diaper with all associated coos and giggles. The baby monitor was on the same channel as Bill and I. Cute, for sure, but Bill was definitely not laughing - he couldn't hear the mommy so didn't know what was going on. It was a sort of comedy with him pantomiming all sorts of obscenities with his hands and face, all zooted up down in the s#$t, with an overdub soundtrack of baby tickles. Pointing to my radio and giving him the "no-workie" sign didn't seem to appease him.

    Anyhow, back on topic, was I "intruding" on the mommy's house by listening in on her private time with her child? Was I spying by using her transmissions without ringing her doorbell and asking if I could listen in? Or was she in violation because she was intruding on our ability to use the radio channel for our city work related communications. The answer is neither. She was within her rights, we were within ours. That's the way it goes on shared spectrum. She can have no expectation of privacy, and I can have no expectation of exclusive use of the channel. I needed to change channels. At least that would have been the solution, but Bill's radio was under three layers of zoot suit. In the end, he came up the ladder, and was extremely pissed. I kept clear...the guy was a mess! He figured out it was funny the next day, but had to cool off first. So, now I do telecommunication consulting instead. It's cleaner.

    link to this | view in chronology ]

  • identicon
    Jack, 15 Dec 2007 @ 12:26pm

    It is stealing

    If you are using my wifi connection you are stealing my bandwidth that I pay for. This is akin to siphoning gas out of my car because I don't lock my gas tank. There is a limited amount of bandwidth that I have. Both bandwidth in data per second and also bandwidth as in monthly cap. If you are using my internet connection to download/upload data you are taking away from both the data per second that I can use and also the monthly total. This is stealing.

    link to this | view in chronology ]

    • identicon
      nipsey russell, 15 Dec 2007 @ 1:38pm

      Re: It is stealing

      jack, saying something doesnt make it so, its not stealing, secure your network and leave the rest of us alone. 30 seconds later your bandwidth wont be used by others and everyone wins. your router is broadcasting to my computer that it wants my computer to use it, stop being promiscuous and stfu

      link to this | view in chronology ]

    • identicon
      Sergio, 16 Dec 2007 @ 3:46pm

      Re: It is stealing

      Hello Jack,

      You're locking down your Wi-Fi in some way right?

      Whether people realize it or not, when you set up an AP, you are figuritively placing an ethernet jack in all the homes around you. If you cut those "cables" somehow and someone goes and reataches them, now you might have some legal grounds if you can prove it. Ignorance is not an excuse. Direct TV encrypts their signal (which is 2-way comunication), why? Because they don't own the airwaves they brodcast on and therefore don't want people watching for free.

      link to this | view in chronology ]

      • identicon
        Jack, 16 Dec 2007 @ 5:55pm

        Re: Re: It is stealing

        My wifi is secure and has never been open. I use WAP and I don't broadcast my SSID. I am just saying connecting to someone's wifi and using their bandwidth is in my opinion stealing. It is theft of service. If it were just the simple case of receiving broadcast data as it passes through the air then no that isn't stealing. Connecting to someone's wifi and just using the wifi bandwidth in my opinion is not stealing. Using someone's internet connection through that wifi is theft of service and is stealing. If someone maxes out a cable internet connection downloading whatever that is stealing the internet service someone else is paying for.

        I don't think just the fact that you don't lock your wifi means it's an open invitation for anyone to use your bandwidth. If I don't lock my house it's not an invitation to come inside and take my stuff. If I don't lock my car it's not an invitation to take my car.

        To those talking about the open wifi broadcasts itself to everyone nearby. So does my car. Anyone in the neighborhood can see it on my driveway just as anyone in the neighborhood could see the ssid. It's still not an invitation to steal it.

        link to this | view in chronology ]

        • icon
          Mike (profile), 16 Dec 2007 @ 9:17pm

          Re: Re: Re: It is stealing

          I don't think just the fact that you don't lock your wifi means it's an open invitation for anyone to use your bandwidth. If I don't lock my house it's not an invitation to come inside and take my stuff. If I don't lock my car it's not an invitation to take my car.

          But that's quite different. The WiFi is constantly sending out a welcome message saying "connect to me!" If you put a note on your car that said "take me!" then you could make the argument.

          link to this | view in chronology ]

  • identicon
    dijital, 15 Dec 2007 @ 2:09pm

    Permission given

    In order to connect to any wireless network, the user's computer sends a request to the network to connect. If the network was secure, the user has to prove identity by a password in order to access the network. If, however, the network has been left unsecured, then permission is given to anyone who requests access.

    Therefore at this level, permission has been given to use the network and it is not (in both senses of the word) technically stealing.

    link to this | view in chronology ]

  • identicon
    Bjorn, 15 Dec 2007 @ 5:14pm

    my not so simple setup...

    I live next to my parents (they're getting old, but can still use their PC) in a small town with lots of tourists. I've set up 11g networks in both houses that fail-over to each-other with simple WEP encryption. In addition I've set up open 11b networks with external antennas for the tourists to use. So far, no-one has tried to hack into my 11g networks -- and when big ships come in I can see visitors popping into and out-of my open network as they walk from the boat to downtown. Makes me feel all warm and fuzzy inside :-)

    link to this | view in chronology ]

  • identicon
    fuzzy, 15 Dec 2007 @ 6:14pm

    sure....

    About this time last year, my friend's car was stolen, and the cops refused to help -- why?? Because they left their doors unlocked and the engine running. The police department's stance on the issue was that my friends negligence was what led to the theft of the vehicle. If you're stupid enough to have a Wi-Fi network without any security because you're too lazy to type in a password (only once on most computers), then it is no crime for someone else to use your Wi-Fi network. It's exactly like calling the cops because the neighbor kids walked through your yard, even though you never built a fence to keep them out. They did you no harm, and you did absolutely nothing to keep them out -- And setting up a WPA password on your network is a helluva lot easier than building a fence.

    link to this | view in chronology ]

  • identicon
    Nic, 15 Dec 2007 @ 7:31pm

    Let's just say, for a moment,I agree that the airwaves are entirely public, is the information contained on those waves public? Who owns the information?

    Most of the unsecured communication I do over wifi is chat and web surfing. (I use otherwise secured media for other uses). If I happen to be doing some web shopping and don't realize that I am providing my visa number to an unsecured server, does my number now belong to the public?

    I think not. I may have been stupid but using it is still a crime. Being stupid may well invite crime, but, it neither excuses it, nor, makes it legal.

    All sorts of radio transmitted data is done so with the assumption of ownership. You cannot redistribute broadcast television, for example.

    The HAM argument only goes so far. HAM radio is meant to be open -- and non-commercial -- communication. WiFi doesn't have those requirements, and, it's reasonable for a non-technical (say someones grandmother as used in an example previously) to assume that, like many other areas they see as protected radio communication, their WiFi protected against unauthorized use. (like their radio, television, cell phone, etc.)

    Also HAM operators may not use their gear until they are licensed to do so -- and such licensing implies agreement on standards and rules. WiFi doesn't have that arrangement. I would caution, however, that requiring WiFi users to be licensed, another medium would replace it.

    In my state you can be arrested for using unsecured wifi (and it has been done) as "Theft of Services".

    To use the open door analogy, the open door doesn't authorize use of the stuff inside.

    But the problem is not going to be solved by legislation and law enforcement alone, nor is it going to be solved by waggling a finger at people who know the technology.

    The problem, and it sounds like this is happening, needs to be addressed by the hardware mfgrs, by making their devices default to, at least, WEP.

    link to this | view in chronology ]

    • identicon
      Sergio, 16 Dec 2007 @ 4:00pm

      Re:

      It seems like you and your state are ignoring that the AP is acting on your behalf and granting people access.

      Here's an example. You invite a friend to stay with you long term. You put him in charge of your water hose. He stands out in the front yard with the hose. I walk by and yell "hey, can I have some water?" to which he replies "sure!", I have a drink and go home. There is no way in hell you could then come over and say that I stole your water.

      Now, if you told your friend that only you and your spouse could use the water, or if you specify to him that he can only give water to someone who knows the code word, that's a bit different.

      link to this | view in chronology ]

  • identicon
    MrScott, 15 Dec 2007 @ 8:51pm

    Open Wi-Fi

    I have the WRT54GS router with the DD-WRT firmware, and I PURPOSELY leave it open for my neighbors to use it. The woman that lives behind me is a school teacher, so her school gives her a laptop for her duties. I provide the connection for her. There's a family across the street from me. I set up their connection. I have fiber optic here, so all three of us using it at the same time won't slow down anybody.

    Anyway, my point here is simple regarding the headline about "piggybacking open Wi-Fi is stealing". I call complete bullsh** on this one. Let's compare an analogy of this, shall we?

    If I put my old couch out on the curbside with a "FREE" sign sitting on it and someone takes it without asking me, is that stealing? Of course not! I WANT someone from the public to take it. That's what the free sign is for. Now, if I make my SSID on my router to "OPEN" and don't use any kind of encryption and someone from the public takes my signal and uses it, (because Wi-Fi is also being broadcast outside my home) is that stealing? Of course not! But the story makes it appear that way. I WANT the public to use my Wi-Fi. That's what the "OPEN" is for. It's open to the public.

    Now, anyone with any sense at all that has a Wi-Fi router, has to configure it in SOMEWAY in order for it to work with their setup at home or at the office. Somewhere in those settings is the encryption setting, whether it be WEP, WPA, Pre-shared key, channel number, Access Point or Client, the MAC address(es) and so on. If they skip the encryption settings and leave it open, how in the WORLD is the general public supposed to know if the user has made it open (like I have) or they're just too damned lazy to secure their connection? If I see something that someone has purposely left in their yard with a free sign on it, and I want it, I'll take it. Why? Because I want it and it's free, that's why. Same with Wi-Fi. If I see an "OPEN" or "PUBLIC" SSID when I search my neighborhood connections, (that's a feature with DD-WRT firmware) and there's no encryption, I'll take that connection. Why? Because I want it, and it's free. That's why! As long as I'm not using some software or hardware to circumvent the security of the router at the access point trying to get a free connection, how in the world is this stealing???

    I see no difference between an open Wi-Fi connection and the "free" couch I mentioned earlier. If the owner takes no steps to protect their own property and convinces to public that it's free, it'll be used or taken by someone. Take my word for that.

    I'm sorry here, but if a person that buys a piece of hardware and doesn't RTFM (Read The Freekin' Manual) to learn how this contraption works, I guess it's our fault and not theirs. (sarcasm)

    It's just a sad, sad world we live in. (sigh)

    link to this | view in chronology ]

    • icon
      Peet McKimmie (profile), 16 Dec 2007 @ 1:49am

      Re: Open Wi-Fi

      If I put my old couch out on the curbside with a "FREE" sign sitting on it and someone takes it without asking me, is that stealing?


      In many cities, technically, yes. Items left at the curbside(sic) automatically become the property of "the city" and no amount of attached notices can negate that.

      link to this | view in chronology ]

  • identicon
    Troy, 15 Dec 2007 @ 9:30pm

    Stealing WiFi?

    The issue of WiFi piggybacking is multifaceted. First you have the pay connections who are the real losers when the public does not secure their connections.

    If I go to my local $5 cup of coffee house and want to check my email I am given the opportunity to use a pay connection. However, if the business next door or the guy in the flat above is making WiFi available for free I know which hookup I am going to use. The coffee house loses a couple of bucks on this.

    The second loser is the individual who is paying for the connection I am using.
    Most WiFi routers are capable of supporting a lot of computers, however the more users the slower the connection. Now, if I am paying for the subscription I want to get everything I am paying for. If you are using it and slowing it down I am not a happy camper. I need to take responsibility for my connection and let anyone trying access it know they are not allowed.

    Obviously there are concerns about security for the person who leaves their door open, but that is not what scares me. I have not heard of it yet, but I am sure it will not be long before we hear about some computer geek who sets up a wireless internet connection in a high traffic area and hacks into unsuspecting piggybackers. How long would it take to figure out that all of your personal information was stolen while you were sitting outside your favorite coffee house? Long enough that the real thief would be long gone.

    I would caution anyone who is piggybacking to remember that nothing is free.

    link to this | view in chronology ]

    • icon
      Mike (profile), 16 Dec 2007 @ 10:28am

      Re: Stealing WiFi?

      Troy, you make a huge mistake in your statement, which is you naturally assume that someone choosing a different option is the equivalent of a "loss." That is not the case.

      First you have the pay connections who are the real losers when the public does not secure their connections.

      No. The connectivity provider did not "lose" anything. They simply failed to capture someone's dollars. In other words, it's a marketing problem, not a criminal one. No one "lost" anything because there was no guarantee that someone would pay.

      If I go to my local $5 cup of coffee house and want to check my email I am given the opportunity to use a pay connection. However, if the business next door or the guy in the flat above is making WiFi available for free I know which hookup I am going to use. The coffee house loses a couple of bucks on this.

      Same mistake. Let's take a similar, but slightly different example. Let's say two coffee shops are next door to each other. One offers fee-WiFi and the other offers free-WiFi. I go into the one that offers free WiFi. By your very definition, I've now "stolen" from the other one, because they're not getting my money.

      The second loser is the individual who is paying for the connection I am using.

      Again you are assuming that the loss on the connection is noticeable and that the person who offered up the connection minds.

      We have always said that it's not a good idea to swamp someone's connection if you're piggybacking, but if you're merely checking email and surfing the web, no one is going to notice. It's marginal at best, and the cost is not noticed by anyone.

      link to this | view in chronology ]

      • identicon
        Troy, 17 Dec 2007 @ 7:17am

        Re: Re: Stealing WiFi?

        Mike,

        I did not make my self clear. I should have put the word lose in quotes. I do not think that piggybacking is stealing from the coffee house. I just merely offered a few examples of who might be "losing out".

        I do take exception though to you characterizing the loss experienced by someone using an unsecured network as negligible. What if you were losing 1 penny per week to 1 person innocently piggybacking? No big deal. How about a coffee house full of users? I find it difficult to rationalize taking something just because it is small. I also see the point that if I do not secure my connection then I am inviting anyone to use it.

        More importantly, I did caution people not to just use any open connection because it is open, and it is probably a good idea to secure the connection if you own it. It is kind of like safe sex. Both parties are responsible for not getting pregnant or transmitting disease.

        I love a healthy debate.
        Troy

        link to this | view in chronology ]

  • identicon
    Rose, 15 Dec 2007 @ 10:41pm

    Stealing? I think not...

    At the end of the day, who owns what airspace?

    U.S. law says everything above my property line is MINE, but they exercise eminent domain for airplanes and satellites. I don't recall similiar legislature that says that wi-fi users can trespass on my property whenever they please. Even airlines have to pay taxes for the privilege of using my airspace. Even though it is, in fact, 'trespassing', it seems very silly to object to such a thing. It's as silly a concept as wi-fi 'theft'.

    So, even though I'm not using that airspace and I haven't tried to stop you from using it in any way shape or form, you are 'stealing' my airspace when your wi-fi signal travels through it to get to your home.

    So calling me a thief is like standing in the street and yelling, 'All wi-fi users are dirty trespassers! Spread the word!'. Sounds pretty idiotic, huh?

    link to this | view in chronology ]

  • identicon
    DNeoMatrix, 15 Dec 2007 @ 11:02pm

    If your neighbor is talking to you over the fence - they are invading your space with their sound waves. Whether wanted or not, they do it. If you reply to them, you are doing exactly the same, invading their space, except they came in and asked you to respond by saying something. So simply responding to what they have already said, is not illegal. Same with wifi - they are sending an ACTIVE signal into your house, what if you don't want this? What if you want your house signal free? should you coat it with a cage blocking out the signals? no, that's absurd. So if someone sends your computer an active invite (which is what an open wifi signal is), then saying "Why yes, I would like some of that internet you're offering", can't be a crime. For what the signal does is infact ask you that question, "Hello, any computers out there? I have some internet here, my name is xxxxx, if you want some internet, just tell me, and i'll give it to you" (Actual words may vary slighty) Now this would be different if you actually had to ping the routers and ask them to respond first. If you could make a router that doesn't BROADCAST an SSID (to deal with zerojj said above about wifi not being broadcast - yes, certain parts of the connection are broadcast, like the SSID, etc)

    Quick & Dirty summary,
    Responding to a message already entering your home in an unrequested manner, is not and should not be a crime.

    link to this | view in chronology ]

  • identicon
    glitch, 16 Dec 2007 @ 3:05am

    part of the problem is also ISP's

    i want to change the program i am on....but by doing so, i am required to surrender my cable modem and take a 4 port wireless job.

    i had a wireless a few years ago, a netgear wgt624 802.11g
    but it was given to me and i decided it was too much aggravation. i put it out with the garbage.

    my system sits within 4 feet of the entry point in the wall, and i never move it.

    i'm not gonna RTFM. i shouldn't have to. i will call tech support and have them tell me step by step how to lock it down. although it is a 4 port wireless, i will only ever use 1 wired port.

    link to this | view in chronology ]

  • identicon
    glitch, 16 Dec 2007 @ 3:05am

    part of the problem is also ISP's

    i want to change the program i am on....but by doing so, i am required to surrender my cable modem and take a 4 port wireless job.

    i had a wireless a few years ago, a netgear wgt624 802.11g
    but it was given to me and i decided it was too much aggravation. i put it out with the garbage.

    my system sits within 4 feet of the entry point in the wall, and i never move it.

    i'm not gonna RTFM. i shouldn't have to. i will call tech support and have them tell me step by step how to lock it down. although it is a 4 port wireless, i will only ever use 1 wired port.

    link to this | view in chronology ]

    • icon
      Peet McKimmie (profile), 16 Dec 2007 @ 5:51am

      Re: part of the problem is also ISP's

      If you *do* RTFM you'll find there's an option to turn off the wireless. It uses a lot less power then, too.

      link to this | view in chronology ]

  • identicon
    dumbfounded, 16 Dec 2007 @ 3:27am

    I can't believed that there is any debate over this issue. When you connect to a wireless AP you request permission to acess it; an unsecured AP will always grant you that permission. How is that considered theft? It is so easy to deny that permission that I (along with the majority of people apparently) do not consider there is anything wrong with using an unsecured AP. After all, I was given express permission to do so. That's how the technology works. I think that perhaps those of us that understand this need to repeat it loudly and often. As has been said before, if you are going to use a technology that is new to you, take the time to learn what you are doing. It's not rocket science.

    link to this | view in chronology ]

  • identicon
    Overcast, 16 Dec 2007 @ 9:04am

    The 'take the car' and 'walk in the house' analogies don't really work - when you 'take the car' you are physically taking something. When you 'walk into the house' you are trespassing.

    It's more like your neighbor is leaving his garden hose running... water is spilling into the street.. If you take that water, it's not theft, it's run off onto a public area.

    Can't see why wireless is any different. If the neighbor has a problem with you getting the water, he should shut off the hose.

    link to this | view in chronology ]

  • identicon
    AZ, 16 Dec 2007 @ 9:49am

    wifi

    I use free wifi all over the place when on the road. Wireless data is expensive. I simply pull over to a exit on the freeway and somewhere as soon as you get off the road there are several free networks or open networks.

    I leave my home network open. I say we share the internet as long as its not some person eating the account up 24x7 with porn or illegal things let them check their email and whatever.

    You would be surprised just how many networks are open in town. I had a 6-7mb charter cable signal while on vacation from the deck so I sat out there with my laptop and its built in antenna and had loads of fun. Way faster than my dial up was...now I have a 384kbps+ account so its not so bad.

    link to this | view in chronology ]

  • identicon
    ted, 16 Dec 2007 @ 9:51am

    Invitation accepted

    That pretty much says it. Your router invites me to use it's access. My acceptance of your invitation is like my acceptance of your dinner invitation.

    Some of you would like to claim I stole dinner? That's pretty idiotic. But then again some of these arguments are clearly written by idiots.

    link to this | view in chronology ]

  • identicon
    Chuck, 16 Dec 2007 @ 12:14pm

    Arrest them.

    If its such a crime, arrest that 54% of the population.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Dec 2007 @ 1:42pm

    hardware...costs... service costs... do it yourselfers..

    leave gaps/ loopholes.. to save a buck or two...

    permantly borrowing your neibours files over a shared drive on wireless lan...

    "shared"

    its justa learning curse / curve

    link to this | view in chronology ]

  • identicon
    penguinv, 16 Dec 2007 @ 7:21pm

    Re Those who insistently repeat "It is stealing."

    link to this | view in chronology ]

  • identicon
    penguinv, 16 Dec 2007 @ 7:31pm

    Nice counterop to: Those who insistently repeat

    1. Assumption of good will and competence. ie ignorance is no defense, but the inverse. IMHO all of those who set up an open WEP mean to have it that way.

    2. Good will and sharing. We are one spirit. We wish to share our lives with others. All is not done by laws and formalities as in taxes and roads, munitions and the army. There is private faithbased shariting. Call it charity or call it hospitality.
    Our faith is that by being helpful we make life better for others. Call us humble. Call us useful. Call us crazy. Call us those who share in the real ethics of science.
    When I set up a network I want to share my purchased property/ service with others. They share with me. The more this happens the fairer it is.

    3. This premise as a business model. I've read about a company who has made these units. You pay for the unit and the wireless is free. The company name starts with the letter M and if you know it please email me.
    Sharing is a good thing. Open wireless is like Linux. And may Linus continue to be blessed.

    Now this agrees with over half of the discrete posters (duplicate entries not counting as duplicate votes) and says it in a different way.

    All the best in this season to you and yours.

    link to this | view in chronology ]

  • identicon
    dumbfounded, 16 Dec 2007 @ 10:37pm

    I don't think just the fact that you don't lock your wifi means it's an open invitation for anyone to use your bandwidth. If I don't lock my house it's not an invitation to come inside and take my stuff. If I don't lock my car it's not an invitation to take my car. Yes it IS an open invitation to use your bandwidth if you don't lock your wifi; if you don't lock it it is GIVING EXPRESS PERMISSION to anyone that connects to it to use it. It's not stealing if you are given permission to use it. If you are too lazy to read the manual and spend the few minutes to learn how to block people from connecting to you, too darn bad. If you choose to not be responsible for such a simple thing that is under your control, then you need to accept the consequences of your lack of responsibility and not blame others for it.

    link to this | view in chronology ]

  • identicon
    r. decline, 17 Dec 2007 @ 6:39am

    open and free

    i've run my wifi connection at home under the name "open and free" just so my neighbors know i don't care. is my router itself locked down? you better believe it...but the connection itself isn't...course i came at this from a micro-power broadcasting standpoint, i want the airwaves free, so what right do i have to then lock down my wifi signal? interestingly several other neighbors seemed to have followed suit on their own, and there are now several other connections a few doors down called "open" and "free to use."

    link to this | view in chronology ]

  • identicon
    George, 17 Dec 2007 @ 7:02am

    Nice try

    If you have an open wi-fi signal you're generous or dumb. If you leave cookies on your porch you're generous or dumb.

    If someone comes to your front door and eats your cookies (no tech-pun intended) they know they're taking something that they haven't been specifically invited to take BUT, no court in the land will charge them with theft and it's not that much of a stretch to infer they were left there for guests. (Lot's of geeks share, I share my signal.)

    So yes, you're taking something that a considerate person wouldn't take without specific permission (a note that says "have a cookie!" or a SSID of "free_access") but being inconsiderate (and it IS being inconsiderate) does not make one a criminal - just kind of a jerk.

    If your neighbor has an open signal be a good geek and tell him, offer to lock it down for him and ask him if he'd like to share (safely.) If he doesn't care if it's open, all the better but to not say anything and exploit is, at the very least, impolite (and you know it - don't rationalize!) What it isn't is criminal.

    link to this | view in chronology ]

  • identicon
    Untrusting..., 17 Dec 2007 @ 9:15am

    Not on my IP address!

    I would leave my signal open .. BUT...

    I dont like the risk of someone doing something illegal
    through MY IP ADDRESS.

    That's it in a nutshell. I have no problem configuring a separate
    open network and with the sharing aspect per se. The problem
    is: I don't know who I would be sharing with, and the an open
    connection means that my house becomes responsible for the
    traffic flowing through it. What if they launch a deluge of
    spam? a ddos attack? What if they use the open connection
    to email threats to someone?

    There are too many unknowns to expose my personal house/IP
    address like that. Someone could drive by in the middle of the
    night, do something stupid, and I wouldn't know until a day or
    so later when I get agents at the door or whatever.

    It's not worth it! If I were running an Internet Cafe, that's different,
    because you expect to have anonymous traffic. The bit about
    opening a household IP is just.. well .. too close to home to
    be comfy with!

    link to this | view in chronology ]

  • identicon
    Jon, 17 Dec 2007 @ 3:14pm

    Ignorance

    The one thing I have to say to everyone stating that the provider of the unsecured network can't be held responsible to know/understand the implications of their actions..

    Since when did ignorance hold up in court as a valid defense? Last time I checked, "Um sorry officer, I didn't know." was a defense at the law enforcements discretion/mood at the time. Not a valid argument in a court of law.

    I am sure there are a 1,000+ anecdotal responses to this. That is true as there are ALWAYS exceptions. As a general statement, the more serious the offense is, the less value an ignorance plea holds. In the case of 'stolen' wifi, if it IS serious, there is more than likely some malicious intent going on and the ignorance plea is moot. Otherwise, the insignificant 'costs' incurred by someone casually using your open wifi signal wouldn't even make it to small claims court. You can call it the cost of electricity, bandwidth, lag in your streaming porn, or whatever else you need to rationalize it with. It is still insignificant and would cost you more in gas to visit your lawyer.

    This country has definitely lost its grasp on self-accountability and responsibility. It is always someone else's fault or you're the victim. To quote Dennis Leary, get a f*cking helmet!

    link to this | view in chronology ]

  • identicon
    Public Parking, 18 Dec 2007 @ 11:43pm

    This is a stupid debate. Anyone who broadcasts a wifi signal on PUBLIC airwaves and expects privacy is insane. They are using a PUBLIC resource, like water that flows over a dam is PUBLIC water.

    Stop whining and encrypt your shit or shut the fuck up.

    Considers SERIOUSLY suing my neighbors for ATTACKING me with low level radiation !

    link to this | view in chronology ]

  • identicon
    Northwest, 19 Dec 2007 @ 10:23am

    North

    "Can I sue a wifi operator for beaming low level microwave transmissions into my apartment ? Causing abnormal brain activity and mild hallucinations ?"

    You're all just part of this weird dream I had. The dream started off with some guy named Al Gore inventing something called the Internet. It was a very strange dream indeed.

    link to this | view in chronology ]

  • identicon
    Free Bird, 25 Dec 2007 @ 3:40pm

    "piggybacking"

    If a parking lot is open and there are no signs present, why would I think I couldn't or shouldn't park there? Similarly, if some leaves their internet connection wide open, it's called giving "tacit approval" to others using it.

    Certainly any hacking is ethically wrong, but using something that's wide open to me, right from my own home is not wrong.

    Securing one's connection is just too easy. If they don't it's their own fault.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.