Security Firm Sophos Calls WiFi Piggybacking 'Stealing'
from the mischaracterizations dept
It should come as no surprise that a security firm, in this case Sophos, is casting the act of using a neighbor's unsecured Wi-Fi access point as a crime. The bigger the threat, the more money there is for security solution vendors and consultants. In the latest research, Sophos found that 54% of wireless users surveyed had "stolen" access at one time or another. The report then frames these casual users as thieves by lumping them in with the epithet "cybercriminals". Techdirt's position has been steady: If a hosting Wi-Fi owner transmits a signal into your property or public area, and that signal proactively announces an SSID which functions like an invite, yet the host has left the network unlocked, then the host's DHCP server actively accommodates the guest and offers an IP address for them to use... then why would any casual user suppose the host's intention is not to share that Wi-Fi? Certainly the host's actions indicate an intent to share. There is no lock breached, there is no violation of private property. There is no trespass. But forget these technical arguments, let's look at the Sophos data: a 54% majority of Wi-Fi users have shared someone's Wi-Fi (and I'd say more have but weren't aware). Are the majority of people really cybercriminals? Also, if victims need to be told that they were "robbed" by Sophos research and a press release, and sensationalist news stories, just how victimized were they? Yes, there are real risks to offering an open AP, so we advise most people to lock down their Wi-Fi. That doesn't make criminals of cybervisitors.Obviously, the situation can be very different if just a few parameters are changed:
- If ANY kind of hack or bypass is needed to get through some form of security, then the innocence of the visitor is highly dubious. Even the easily hacked WEP is 100% functional as a signal that the host does not want "visitors".
- Any kind of viewing, or messing around inside the host's LAN, PCs, and other equipment is illegal through existing laws. Doing so is no longer a victimless activity.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: free-riding, security, wifi
Companies: sophos
Reader Comments
Subscribe: RSS
View by: Time | Thread
Separate VLAN
Not since I installed the automated turrets and minefield, anyway.
[ link to this | view in chronology ]
Re: Separate VLAN
[ link to this | view in chronology ]
Packets should be allowed to roam freely
[ link to this | view in chronology ]
STEALING????
Second, By their "definition" of "theft" being using a un-secured signal, and "belonging" to the person which paid for it; Then (by their definition) Listening to radio that is playing somewhere besides on the radio YOU paid for, is a crime and we should all report immeadately to our local police departments, and turn ourselves in. (the beach, a car going by, a bar, a friends house, the grocery store, on hold to Sophos) I mean, the radio signal you hear is being played on a radio you DIDN'T PAY FOR! Not to mention, these mediums BOTH pay for their operating expenses and then PROFIT in the same manner, advertising! When you use a Wi-FI signal (the signal in question may just have invaded your private living space for you to "use" in the first place, but that is a separate argument) you are subject to the same advertising as the person for which it was directed, same as radio. If SOPHOS, or anyone else for that matter, cares so much about air waves and who paid for what, then CB's, radio signals, T.V. air signals, sound waves, light beams, birds traveling, bugs and anything else that uses the air to travel, MUST pay the rightfull owner their due, only god or mother nature, intended this to be free and unrestricted travel, and plus, they don't accept credit cards :(
[ link to this | view in chronology ]
Yup.
1) I live in the middle of nowhere pretty much. Who's gonna steal my wifi?
2) It's easier for me...I don't have to keep typing in the damn WAP key.
3) Why the hell should I care if someone else wants to use my wifi? My computers are well enough locked down that it doesn't matter to me who's on my network.
[ link to this | view in chronology ]
Re: Yup.
[ link to this | view in chronology ]
WiFi Piggybacking 'Stealing'
[ link to this | view in chronology ]
any HAMs on here that actually understand this iss
What I have to disagree with is the incorrect classification of WiFi as "broadcast"-type signals. The simply cannot be classified in the same category as TV, radio, and flashlights. WiFi, cellular, etc are all TWO-WAY mediums. In order to even get an IP address from the system in question, you must have a TWO-WAY radio conversation with the Access Point station in question. You simply cannot do anything besides passively "eavesdrop" on wifi without transmitting a signal back to the AP. This whole return transmission path is an ACTIVE engagement of the AP.
Please, please, please stop comparing wifi usage to passive interception of a broadcast, as it is not. This fallacious argument confuses the real issues at hand with wifi laws and security in general.
Do focus on how that if no steps are taken to:
1. secure with a password, mac filter, or some other method,
2. announce that the system is only meant for authorized users (i.e., paying customers) via splash page, etc,
3. otherwise limit undesired access,
then it must be assumed that the system is "public"
[ link to this | view in chronology ]
Re: any HAMs on here that actually understand this
I don't have to have a ten foot fence covered with no trespassing signs to have legal standing to accuse you of trespassing if you are caught sitting on my back porch swing. However, if I fail to put up the fence and signs I shouldn't be surprised if I am taken advantage of by those who have no respect for personal property.
But, regardless of my carelessness to protect my property doesn't mean I can't have you arrested if I catch you trespassing.
[ link to this | view in chronology ]
Re: Re: any HAMs on here that actually understand
Better check your laws because that's not the case in most states. I had a guy open my car door on my property and start going through my stuff. When the cops arrived(after he left) they told me I couldn't do ANYTHING to him because I didn't have signs posted for no trespassing and it was my word against his regarding whether he was in the car.
[ link to this | view in chronology ]
Re: Re: Re: any HAMs on here that actually underst
[ link to this | view in chronology ]
Re: Re: any HAMs on here that actually understand
[ link to this | view in chronology ]
Re: any HAMs on here that actually understand this
The FCC doesn't distinguish between a two-way communication and a standard broadcast in the law itself. If you have the right to broadcast on a band and you receive an unencrypted signal on that band, you have full rights to send a response. Period.
This arguement is used because we have to deal with the signal itself and not the "active communication"(that is strangely not-so-active for the humans in the picture if you didn't notice). Someone invariably brings up that it's "their signal" and that others don't have the right to respond to it even if it's not encrypted. That's like saying that you can talk on a CB(a public band) and other members of the public can't respond. It doesn't work that way because it's a public band.
[ link to this | view in chronology ]
Re: any HAMs on here that actually understand this
Plain and simple. If you don't protect it and label something as important and privte then don't get your feelings all hurt when people that happen by treat your wireless with the same amount of respect of privacy that you did when set it up and shared it with everyone in reach of the signal. Because that is exactly what you did, you shared your wireless.
[ link to this | view in chronology ]
Re: Re: any HAMs on here that actually understand
If you broadcast your SSID, then you are saying to the world, "Hey, if I don't have a password, then you're free to come inside. If I do have a password, then go away or ask the owner of this signal if you can have access!"
If you don't want me on your signal, then stop announcing it to the entire neighborhood! Because if my power goes out, and yours is still on, I am gonna be on your network with my laptop, and if it happens to you, then you can use mine...er, well, if you come over and ask me for the password first! ;)
[ link to this | view in chronology ]
Re: any HAMs on here that actually understand this
[ link to this | view in chronology ]
Stealing?
[ link to this | view in chronology ]
Re: Stealing?
Here we have a problem with the culture of the so called "hacker", especially these pathetic specimens who piggyback people's connections for fun. Oh sure, it's totally acceptable to use someone's access because they didn't bother to secure it properly. Fuck you. Most people don't know who to do these things, and they will never understand things like WEP or WPA. That doesn't mean they're stupid, it doesn't mean they're lazy, and it doesn't mean they deserve to be exploited.
"Oh but, they could take the time to learn, afterall, I did". I can just hear the nerd saying it. Once again, fuck you. A lot of people do not have the time to learn, or don't care to. No one wants to spend they're life trying to figure out wireless security just to prevent some asshole from dropping by to steal their connection. Show some fucking decency. If you didn't ask for it, don't take it, because it's fucking stealing.
[ link to this | view in chronology ]
Re: Re: Stealing?
[ link to this | view in chronology ]
Re: Re: Stealing?
[ link to this | view in chronology ]
Re: Re: Re: Stealing?
[ link to this | view in chronology ]
Re: Re: Stealing?
Wrong, any AP broadcasting a default SSID is not only granting permission but promiscuously asking you to join.
"Most people don't know who to do these things, and they will never understand things like WEP or WPA. That doesn't mean they're stupid, it doesn't mean they're lazy, and it doesn't mean they deserve to be exploited."
First of all, if you bought wireless to keep from having to plug in to e-net, you already have the lazy tag. If you did so without reading the manual, doubly so.
A lot of people don't understand how gunpowder explodes either but are we going to treat the dumbass who looks down the barrel of a loaded gun and pulls the trigger as a *victim*!?!?
We need REQUIRED tests for purchases of a WAP that way we can get rid of this "I'm too lazy to setup my router securely and I need a nanny state to protect me from my own stupidity" attitude that I see so prevalent. Darwin is weeping. We have drivers licenses to ostensibly keep the dumb drivers off the road so it's time for a WAP license so that people can be held accountable for their own actions.
[ link to this | view in chronology ]
Re: Re: Stealing?
-> Yes it does. The manual that comes with the product even tells you how to do it. Hell, if you use a Linksys the setup CD tries to get you to use some form of it. There is no excuse for not learning how to use a tool. Next you'll be saying that someone who accidentally shot their neighbor shouldn't be punished because he didn't learn how to use a firearm.
""Oh but, they could take the time to learn, afterall, I did". I can just hear the nerd saying it. Once again, fuck you. "
-> Ah so that's your angle. Upset that someone knows more about a subject than you, and is telling you you are wrong.
"A lot of people do not have the time to learn, or don't care to. No one wants to spend they're life trying to figure out wireless security just to prevent some asshole from dropping by to steal their connection. Show some fucking decency. If you didn't ask for it, don't take it, because it's fucking stealing."
-> What work? What life time? Its a one time setup. The only requirement is remembering the password in case you need to change anything. It will take only 5 - 10 minutes longer to setup your AP and you'll essentially have a put a lock on it, or some flag that your connection isn't public.
Some people DO provide public WiFi and you can't tell the difference unless someone has some sort of security to prevent access.
Furthermore, what of my neighbors? From my room there are 17 AP's, 4 of which are secure, 1 of them being mine. The rest are wide open and useable from MY property. Can I sue them for pollution or some such bullshit?
You sir are an ignorant bigot. I suggest you throw out your AP and stop polluting the websites you troll like you apparently are 'polluting' your neighborhood with your open-but-you-can't-use WiFi.
[ link to this | view in chronology ]
Re: Re: Stealing?
And a lot of people who have cars don't have the time to learn, or don't care to drive them properly, but we should let them on the road anyway?
If you plan to use a technology, you need to learn how to use it properly.
[ link to this | view in chronology ]
Re: Re: Stealing?
No. Actually, this is wrong for a variety of reasons. First of all, you say "without asking," but your AP broadcast out a message saying "Connect to me!" No asking is needed, since your AP did the inviting.
You didn't pay for it, you were not granted permission, and probably you are not telling the owner about it, so yes, you are a criminal
According to this definition, you have stolen Techdirt.
* You did not pay for it
* I did not grant you permission to visit.
* You did not tell me you were going to use it.
Thus, according to your definition, you are a criminal. Now, you may say that I granted you permission in setting up this open web page. But what we're saying is that's the same thing as setting up an open WiFi AP. That person has granted permission.
[ link to this | view in chronology ]
Re: Re: Re: Stealing?
Also, and I'm sure there will be some sort of "it's not a tangible item" or "infinite supply" argument, but I kind of consider internet to be a utility. Would it be okay if some came along hooked up a hose to my faucet outside or plugged in an extension cord to my outside outlet? I mean I didn't specifically forbid it.
[ link to this | view in chronology ]
Re: Re: Re: Re: Stealing?
The problem with just changing your SSID and not making it private is that your ap is still broadcasting and accepting connections. If (as I do with my laptop) I select auto-detect network settings and your ap broadcasts and accepts an auto-connection is that still stealing? I wouldn't have seen your SSID say keep out, because my laptop and your ap connected automatically. Are the computers then responsible for committing this "crime"? Should we prosecute Hal?
Also, your analogy is incorrect. You have to pay for water and for electric so plugging in either a hose or extension cord would cost you more money. Using an open ap does not cost you more (unless you count your opportunity cost of having a slower network, and if you are then you should be intelligent enough to read instructions in the manual, in which case you need to be responsible for securing it). Now, if you do have a network connection that costs you more based on usage, again it is your responsibility to secure your network.
And to anyone who says "well, its too difficult to secure a network" is either (a) too lazy or (b) shouldn't be setting up their own wireless network. If you know that your knowledge of electronics is so limited that you can not read an instruction manual and follow directions, pay Best Buy $40 to install it for you. Otherwise, don't complain when your network isn't secured and someone connects. And please don't try to counter with the "I don't have enough money to have someone install my wireless router" argument. If you have enough money for a network connection and to buy a wireless router, you should be able to afford the $40 or whatever it costs to have someone install it and secure it.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Stealing?
I never said I didn't understand or didn't have the technical knowledge--don't insult my intelligence by assuming that you're somehow superior--I'm asking a question and found exactly what I expected: you freeloaders always have an answer for everything. You want everything to be free *for you*--everything's good so long as someone else is paying. I find it amusing and sad that so many of you are so willing to take advantage of people ("They should have been smarter"?)--it's a sad state of affairs. How about common decency?
[ link to this | view in chronology ]
Re: Re: Stealing?
[ link to this | view in chronology ]
Re: Re: Re: Stealing?
[ link to this | view in chronology ]
Re: Re: Stealing?
[ link to this | view in chronology ]
Re: Re: Stealing?
Now that you've read you manuals let's put your pathetic logic to work. For this we'll all have to imagine you finding a girl and you then have kids. Now send you daughter out clubbing with her home phone number and perhaps her home address both printed on the shirt. She doesn't need to print call me on it. Just the details of how to connect. Only people that get close enough to read the shirt will get the number but I'll bet she gets plenty of calls. Who's fault is it if some of these calls or comments that night aren't favorable? Your fault. The t-shirt printer's fault? Your daughter? The people that let her into the club? Maybe all or some of these could have helped along the way but it isn't going to be the callers fault. Not by a long shot.
[ link to this | view in chronology ]
Re: Re: Stealing?
[ link to this | view in chronology ]
Re: Re: Stealing?
[ link to this | view in chronology ]
Re: Re: Stealing?
It is a simple matter to secure an AP. A simple Google search or RTFM and 5 minutes is all it takes. It's pretty much a one time intellectual investment and does not require any deeper knowledge of networking or computing.
You might not take the time to learn to fix the engine of your new car but you would take the time to learn to use the functions of your new car would you not?
[ link to this | view in chronology ]
Re: Re: Stealing?
First, you are using up bandwidth that is public property, not just using up bandwidth on your own property, but on everybody's property in range of your excessively powered wifi. If it goes over the boundaries of the property that you are using it on then it is obviously emitting a more powerful signal than needed. And possibly interfering with others networks.
Second, it is the law in many places, that if you have a tree that crosses onto your neighbors property the part which is over your neighbors property is your neighbors, not yours. They may pick the fruit of the tree that is hanging over the property line, they may prune it back, if the trunk crosses the property line they may even carve away every last piece of it on their property EVEN if that kills the tree which you planted.
Getting upset with a neighbor using TOTALLY UNSECURED wifi is like going on vacation and instead of stopping your newspaper you tell the paperboy to send it to your neighbors house, without telling your neighbor, then getting mad when you come back and found that your neighbor had read your paper.
Third, with the number of free and public wifi hotspots around put up INTENTIONALLY by private people, businesses, and by public agencies who realize, correctly, that their facilities are owned by the public and should be available for public use as long as it does not interfere with their core mission.
For these reasons, I believe it should be the duty of the wireless network owner to secure their network if they do not wish for it to be used by any who can connect to it once it leaves their property. I do not care if turning on security is easy or difficult it should be the responsibility of the network owner to do so if they are going to broadcast off of their property.
[ link to this | view in chronology ]
Re: Stealing?
(You can just imagine the police reaction, can't you? Quite right too!)
[ link to this | view in chronology ]
Re: Stealing?
If I walked on to their property to use their wifi it would be the same thing. If their signal goes into my home I'm going to use it.
So to use a similar analogy to yours, if their door extends on to my property and they leave it open I will walk in and say hello
[ link to this | view in chronology ]
laws
The same logic probably also applies to sharing mp3's, circumventing digital media restrictions restrictions, etc...
[ link to this | view in chronology ]
Re: laws
[ link to this | view in chronology ]
Next thing ya know
[ link to this | view in chronology ]
http://www.offensive-security.com/
[ link to this | view in chronology ]
"without permission"
I have permission from the government to transmit and receive digital signals on the 2.4GHz spectrum, as long as those signals comply with certain technical restrictions.
YOUR access point is broadcasting a "Free WIFI available here!" announcement on those frequencies about 20 times a second iirc. You could turn that off, but you have not.
I transmit a reply asking to use your connection, and YOUR access point replies giving me all the information I need to make that connection. You could turn that off, but you have not. At no point has your access point even hinted that it isn't intended for public access.
It would be trivially easy for you to 'deny' permission at any point, in any number of ways. Turn off SSID broadcasting; filter unknown MAC addresses; require a WEP or WPA key and I would accept that the access point is 'no longer public' -- but you haven't done any of those things.
Car analogy. Your car is not merely unlocked with the keys in the ignition; that would still not imply that it's OK to borrow it. Your car it unlocked with the keys in the ignition, on the roadside, with a flashing neon sign on the roof that reads "Free public transport"
[ link to this | view in chronology ]
Re: #14, "Without Permission"
Difficulty "Learning" to make it secure is not an effective argument. If asks you if you want it secure when you set it up. If you are smart enough to get the thing running you are smart enough to make it secure.
The door unlocked analogy misses also. It's a door open analogy. An unlocked door is not an invitation - a wide open door is. When your neighbor show up in your kitchen for a visit are you going to claim trespass if your door was wide open?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re: Stealing?
But we can't criminalize all open AP usage. As for the uneducated not being capable of blocking their WiFI AP I can only say 'too bad.' If they really care enough about their AP they can spend a few minutes to set up a simple WEP lock. And if they don't care enough to do that, well, they quite simply Do Not Care. The owner of the WiFi has to have a bit of responsibility of their own, it's clearly printed in their operating manuals how to set up some simple AP locks. After all the only excuse for ignorance is apathy itself. I understand that people may not have the time to figure out how to protect their AP, but again it does not take that much time; and for those who do not care enough to take that time, again, Do Not Care enough about others accessing their open AP to take that time.
And for future argument's sake don't attack others with offensive language. It really does not help to get your point across and only makes it weaker.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Finally! A Techdirt Mistake!
Your viewpoint suffers from the same fundamental error as all libertarian ideologies: Assuming that the public has perfect knowledge is crazy and leads to erroneous conclusions. Just because someone buys a wireless box doesn't mean they know how to use it. In innocent ignorance, they may turn on their box to their detrement. And since the time has long passed (with Ben Franklin) that any human being could possess all current knowledge, it is unreasonable to expect people to know that the box comes to them in an unsecured state.
[ link to this | view in chronology ]
Re: Finally! A Techdirt Mistake!
And people, stop with the stupid analogies. You're not seriously comparing someone who's just casually using the the WiFi connection for their own casual use to trogans that are actively seeking to do harm.
There's no justifiable reason for anyone that owns a wireless router or other access point to not have it set up according to their needs. They can read the step by step instructions or call tech support or whatever.
This may be a case where "stealing" your neighbor's bandwidth may be considered morally wrong, depending on just how much of it you're taking; but from an ethical standpoint, no harm is being done, you aren't even running up any bills, and you're still within your own property.
This can't be criminalized. Sure, any malicious access to the network or actual harm is still a crime, but the grand majority of people that "shared" WiFi weren't doing that in the first place.
[ link to this | view in chronology ]
Re: Re: Finally! A Techdirt Mistake!
When your granny connects to her router for the first time, she's so happy to have a connection of any sort at all that she'll stop there rather than risk losing the connection again by fiddling with any of that "security" mumbo-jumbo. That way they can brag to their friends that they set the system up themselves without having to ask their grandchildren for help.
Again, the only solution to this lies in the hands of the companies who make the wi-fi routers. They should amend their installers in such a way that they demand a WPA key by default, and only after that is set up should they allow access to a control panel that gives the option to reduce the security settings, complete with stern warnings about why you might not want to do that.
That way, people who want to leave their connection open will still be able to do so, and those seeing an open connection would have a reasonable expectation that it was a deliberate invitation to use it.
[ link to this | view in chronology ]
Re: Re: Re: Finally! A Techdirt Mistake!
Of course, I did spend the extra hour learning about security; and then 10 minutes reconfiguring for WPA2/WPA-PSK. It's not rocket science, but the WEP would probably have been adequate!
[ link to this | view in chronology ]
Re: Finally! A Techdirt Mistake!
-> That's a bit different. Malicious intent is a key focal point of most laws. Hell for some its required to be proven. Someone using anything maliciously, and you can prove it, is guilty of a crime. Severity depends on the action.
BTW that's another thing that takes less than 5 minutes to setup, logging.
[ link to this | view in chronology ]
Re: Finally! A Techdirt Mistake!
[ link to this | view in chronology ]
Re: Finally! A Techdirt Mistake!
That's quite a different situation. For trojans to get onto her computer, something surreptitious had to have been done. That's quite different than setting up an AP that says "Everyone's free to use me!"
Also, we clearly note in the story that if *any* kind of hack or bypass is needed, then it's not acceptable. To get a trojan on a machine you are clearly bypassing some security.
Your viewpoint suffers from the same fundamental error as all libertarian ideologies: Assuming that the public has perfect knowledge is crazy and leads to erroneous conclusions
We assume no such thing... and I'd argue that I've yet to meet a libertarian (outside of the Randian wing) that believes such a thing.
Just because someone buys a wireless box doesn't mean they know how to use it. In innocent ignorance,
We're not assuming that any owner of a wireless AP knows how to use it. We're just saying that if an AP is set up with permissions granted, permission is granted. No crime is committed. It's that simple. You seem to ascribe to us some strawman beliefs in an attempt to knock them down.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Nobody had a drive or garage so the only parking was on the street. And the street was PUBLIC property.
Yet, because the parking space on the street was in front of his house he believed it to be HIS. I parked there once and he came to my door and read me the riot act. Ass hole.
My point is, the air waves are PUBLIC property. If you are broadcasting on PUBLIC airwaves, without a license, and make no effort to secure your transmission. You can have NO expection of ownership.
[ link to this | view in chronology ]
wow...the US gov is slipping !! and losing money
maybe they arent criminals, but the least is they should be called scum...bottom feeders...whatever
i passed on 2 free wireless routers this year:
1 from vonage [i opted for wired] and another from Verizon
i only keep the router for its firewall and have been using a free anti-virus prog for years..i have a very tight and secure system for no yearly cost
[ link to this | view in chronology ]
Hams position is that of the man next door to me saying I was "stealing" his parking space, because it was in front of his house, when in fact it was a public street.
[ link to this | view in chronology ]
dont use "public parking"
there is no on-street parking on my side
my landlord paved the front yard for the buildings dumpster and a parking space for me [tenant]
it is posted, private parking..can be towed
but it isnt private and the threat is worthless
i cant just call a tow truck and have a vehicle removed, i have to call the police first.
i can say someone is stealing my parking space and have no recourse.also, i would have to pay to have a vehicle towed myself, and have no means to recoup the fee.
[ link to this | view in chronology ]
Re: dont use "public parking"
BTW, I can't see that your story here has any bearing on the analogy Public Parking asserted nor does it have anything to do with this story.
[ link to this | view in chronology ]
Re: Re: dont use "public parking"
Sorry: i know it's off topic, but I found this out the hard way living in a university town, and coming home from work at 8AM and being unable to park in my Marked Space in the parking lot.
[ link to this | view in chronology ]
Follow-Up
We have classes for baby-care.
We have lessons and qualifications for handling firearms.
We have helmet laws for riding bikes.
Ham radio users need a license to use shared spectrum, to be assured they know how to use it correctly.
Even GMRS 2-way radios that you can buy at Costco require (by law) that you register for a license.
Did you know that even FRS 2-way radios, that they sell in kid's watches now, require that you follow several federally mandated rules of usage? There is a lot of precedent for requiring people to understand the risks, protocols, and courtesy of using shared radio spectrum.
Some comments here suggest that we are at the least rude and discourteous for "stealing" their Wi-Fi, but I retort that you are in fact rude and discourteous because you failed to learn the protocols of use before you started transmitting on shared radio spectrum.
Just try keying up a CB radio in a trucking area and not following protocols, and see how welcome you are. If you spend a little time listening in and learning the correct way to use the shared spectrum, you will be welcomed. It is those that are ignorant of the protocols that are being rude, presumptuous, and wrong. This has consistently been the case in radio spectrum, and probably applies equally well in the non-tech world.
That's why hams tend to side with us on this issue. So ignorance, apathy, etc. is not a great excuse. If you want to play, learn to use the toy.
In the case of a Wireless AP, the training is in the form of the manual or install CD. Your Wireless AP usually defaults to inviting visitors. If you choose not to read the manual, and remain ignorant, then that does not make a criminal out of someone who accepts that invitation.
Read comments 1 - 4. Those people choose to share their Wi-Fi, as do I (in a controlled way). How can I discern an ignorant person, who would choose not to share if only they knew how, from someone who is deliberately sharing? I can't. You need to turn on some security to signal me that I'm not welcome.
And the bottom line is this: nobody is making anyone use a wireless router. Like a firearm, if you are too lazy, busy, important, or ignant to spend the 5 minutes turning on WEP, then get a wired router instead.
Now here's a funny anecdote: I used to work in sewage. Yep. We cleaned pumping stations with a massive vacuum and a pressure washer. The guy down the hole in full SCUBA gear and rubber zoot suit wore a two-way FM radio that used a microphone that contacted his larynx on his throat to communicate with the crew on top. No, we were not swimming in the soup, only thigh deep, but there was a lot of spray and it wasn't pretty. The guy down the hole gave instructions to those above about where to position the big vacuum and when to pay in and out more hoses. Up top, we gave back information on how much air was left in the tank. It was pretty important not to let the air line be compromised, and to keep all hoses just right so they don't trip the guy in the hole. I worked both top and bottom depending on how the lead hand felt that day.
One day I was on the radio topside and Bill down in the hole was giving me instructions, but he cut out and instead I was listening to a mommy changing her baby's diaper with all associated coos and giggles. The baby monitor was on the same channel as Bill and I. Cute, for sure, but Bill was definitely not laughing - he couldn't hear the mommy so didn't know what was going on. It was a sort of comedy with him pantomiming all sorts of obscenities with his hands and face, all zooted up down in the s#$t, with an overdub soundtrack of baby tickles. Pointing to my radio and giving him the "no-workie" sign didn't seem to appease him.
Anyhow, back on topic, was I "intruding" on the mommy's house by listening in on her private time with her child? Was I spying by using her transmissions without ringing her doorbell and asking if I could listen in? Or was she in violation because she was intruding on our ability to use the radio channel for our city work related communications. The answer is neither. She was within her rights, we were within ours. That's the way it goes on shared spectrum. She can have no expectation of privacy, and I can have no expectation of exclusive use of the channel. I needed to change channels. At least that would have been the solution, but Bill's radio was under three layers of zoot suit. In the end, he came up the ladder, and was extremely pissed. I kept clear...the guy was a mess! He figured out it was funny the next day, but had to cool off first. So, now I do telecommunication consulting instead. It's cleaner.
[ link to this | view in chronology ]
It is stealing
[ link to this | view in chronology ]
Re: It is stealing
[ link to this | view in chronology ]
Re: It is stealing
You're locking down your Wi-Fi in some way right?
Whether people realize it or not, when you set up an AP, you are figuritively placing an ethernet jack in all the homes around you. If you cut those "cables" somehow and someone goes and reataches them, now you might have some legal grounds if you can prove it. Ignorance is not an excuse. Direct TV encrypts their signal (which is 2-way comunication), why? Because they don't own the airwaves they brodcast on and therefore don't want people watching for free.
[ link to this | view in chronology ]
Re: Re: It is stealing
I don't think just the fact that you don't lock your wifi means it's an open invitation for anyone to use your bandwidth. If I don't lock my house it's not an invitation to come inside and take my stuff. If I don't lock my car it's not an invitation to take my car.
To those talking about the open wifi broadcasts itself to everyone nearby. So does my car. Anyone in the neighborhood can see it on my driveway just as anyone in the neighborhood could see the ssid. It's still not an invitation to steal it.
[ link to this | view in chronology ]
Re: Re: Re: It is stealing
But that's quite different. The WiFi is constantly sending out a welcome message saying "connect to me!" If you put a note on your car that said "take me!" then you could make the argument.
[ link to this | view in chronology ]
Permission given
Therefore at this level, permission has been given to use the network and it is not (in both senses of the word) technically stealing.
[ link to this | view in chronology ]
my not so simple setup...
[ link to this | view in chronology ]
sure....
[ link to this | view in chronology ]
Most of the unsecured communication I do over wifi is chat and web surfing. (I use otherwise secured media for other uses). If I happen to be doing some web shopping and don't realize that I am providing my visa number to an unsecured server, does my number now belong to the public?
I think not. I may have been stupid but using it is still a crime. Being stupid may well invite crime, but, it neither excuses it, nor, makes it legal.
All sorts of radio transmitted data is done so with the assumption of ownership. You cannot redistribute broadcast television, for example.
The HAM argument only goes so far. HAM radio is meant to be open -- and non-commercial -- communication. WiFi doesn't have those requirements, and, it's reasonable for a non-technical (say someones grandmother as used in an example previously) to assume that, like many other areas they see as protected radio communication, their WiFi protected against unauthorized use. (like their radio, television, cell phone, etc.)
Also HAM operators may not use their gear until they are licensed to do so -- and such licensing implies agreement on standards and rules. WiFi doesn't have that arrangement. I would caution, however, that requiring WiFi users to be licensed, another medium would replace it.
In my state you can be arrested for using unsecured wifi (and it has been done) as "Theft of Services".
To use the open door analogy, the open door doesn't authorize use of the stuff inside.
But the problem is not going to be solved by legislation and law enforcement alone, nor is it going to be solved by waggling a finger at people who know the technology.
The problem, and it sounds like this is happening, needs to be addressed by the hardware mfgrs, by making their devices default to, at least, WEP.
[ link to this | view in chronology ]
Re:
Here's an example. You invite a friend to stay with you long term. You put him in charge of your water hose. He stands out in the front yard with the hose. I walk by and yell "hey, can I have some water?" to which he replies "sure!", I have a drink and go home. There is no way in hell you could then come over and say that I stole your water.
Now, if you told your friend that only you and your spouse could use the water, or if you specify to him that he can only give water to someone who knows the code word, that's a bit different.
[ link to this | view in chronology ]
Open Wi-Fi
Anyway, my point here is simple regarding the headline about "piggybacking open Wi-Fi is stealing". I call complete bullsh** on this one. Let's compare an analogy of this, shall we?
If I put my old couch out on the curbside with a "FREE" sign sitting on it and someone takes it without asking me, is that stealing? Of course not! I WANT someone from the public to take it. That's what the free sign is for. Now, if I make my SSID on my router to "OPEN" and don't use any kind of encryption and someone from the public takes my signal and uses it, (because Wi-Fi is also being broadcast outside my home) is that stealing? Of course not! But the story makes it appear that way. I WANT the public to use my Wi-Fi. That's what the "OPEN" is for. It's open to the public.
Now, anyone with any sense at all that has a Wi-Fi router, has to configure it in SOMEWAY in order for it to work with their setup at home or at the office. Somewhere in those settings is the encryption setting, whether it be WEP, WPA, Pre-shared key, channel number, Access Point or Client, the MAC address(es) and so on. If they skip the encryption settings and leave it open, how in the WORLD is the general public supposed to know if the user has made it open (like I have) or they're just too damned lazy to secure their connection? If I see something that someone has purposely left in their yard with a free sign on it, and I want it, I'll take it. Why? Because I want it and it's free, that's why. Same with Wi-Fi. If I see an "OPEN" or "PUBLIC" SSID when I search my neighborhood connections, (that's a feature with DD-WRT firmware) and there's no encryption, I'll take that connection. Why? Because I want it, and it's free. That's why! As long as I'm not using some software or hardware to circumvent the security of the router at the access point trying to get a free connection, how in the world is this stealing???
I see no difference between an open Wi-Fi connection and the "free" couch I mentioned earlier. If the owner takes no steps to protect their own property and convinces to public that it's free, it'll be used or taken by someone. Take my word for that.
I'm sorry here, but if a person that buys a piece of hardware and doesn't RTFM (Read The Freekin' Manual) to learn how this contraption works, I guess it's our fault and not theirs. (sarcasm)
It's just a sad, sad world we live in. (sigh)
[ link to this | view in chronology ]
Re: Open Wi-Fi
In many cities, technically, yes. Items left at the curbside(sic) automatically become the property of "the city" and no amount of attached notices can negate that.
[ link to this | view in chronology ]
Stealing WiFi?
If I go to my local $5 cup of coffee house and want to check my email I am given the opportunity to use a pay connection. However, if the business next door or the guy in the flat above is making WiFi available for free I know which hookup I am going to use. The coffee house loses a couple of bucks on this.
The second loser is the individual who is paying for the connection I am using.
Most WiFi routers are capable of supporting a lot of computers, however the more users the slower the connection. Now, if I am paying for the subscription I want to get everything I am paying for. If you are using it and slowing it down I am not a happy camper. I need to take responsibility for my connection and let anyone trying access it know they are not allowed.
Obviously there are concerns about security for the person who leaves their door open, but that is not what scares me. I have not heard of it yet, but I am sure it will not be long before we hear about some computer geek who sets up a wireless internet connection in a high traffic area and hacks into unsuspecting piggybackers. How long would it take to figure out that all of your personal information was stolen while you were sitting outside your favorite coffee house? Long enough that the real thief would be long gone.
I would caution anyone who is piggybacking to remember that nothing is free.
[ link to this | view in chronology ]
Re: Stealing WiFi?
First you have the pay connections who are the real losers when the public does not secure their connections.
No. The connectivity provider did not "lose" anything. They simply failed to capture someone's dollars. In other words, it's a marketing problem, not a criminal one. No one "lost" anything because there was no guarantee that someone would pay.
If I go to my local $5 cup of coffee house and want to check my email I am given the opportunity to use a pay connection. However, if the business next door or the guy in the flat above is making WiFi available for free I know which hookup I am going to use. The coffee house loses a couple of bucks on this.
Same mistake. Let's take a similar, but slightly different example. Let's say two coffee shops are next door to each other. One offers fee-WiFi and the other offers free-WiFi. I go into the one that offers free WiFi. By your very definition, I've now "stolen" from the other one, because they're not getting my money.
The second loser is the individual who is paying for the connection I am using.
Again you are assuming that the loss on the connection is noticeable and that the person who offered up the connection minds.
We have always said that it's not a good idea to swamp someone's connection if you're piggybacking, but if you're merely checking email and surfing the web, no one is going to notice. It's marginal at best, and the cost is not noticed by anyone.
[ link to this | view in chronology ]
Re: Re: Stealing WiFi?
I did not make my self clear. I should have put the word lose in quotes. I do not think that piggybacking is stealing from the coffee house. I just merely offered a few examples of who might be "losing out".
I do take exception though to you characterizing the loss experienced by someone using an unsecured network as negligible. What if you were losing 1 penny per week to 1 person innocently piggybacking? No big deal. How about a coffee house full of users? I find it difficult to rationalize taking something just because it is small. I also see the point that if I do not secure my connection then I am inviting anyone to use it.
More importantly, I did caution people not to just use any open connection because it is open, and it is probably a good idea to secure the connection if you own it. It is kind of like safe sex. Both parties are responsible for not getting pregnant or transmitting disease.
I love a healthy debate.
Troy
[ link to this | view in chronology ]
Stealing? I think not...
U.S. law says everything above my property line is MINE, but they exercise eminent domain for airplanes and satellites. I don't recall similiar legislature that says that wi-fi users can trespass on my property whenever they please. Even airlines have to pay taxes for the privilege of using my airspace. Even though it is, in fact, 'trespassing', it seems very silly to object to such a thing. It's as silly a concept as wi-fi 'theft'.
So, even though I'm not using that airspace and I haven't tried to stop you from using it in any way shape or form, you are 'stealing' my airspace when your wi-fi signal travels through it to get to your home.
So calling me a thief is like standing in the street and yelling, 'All wi-fi users are dirty trespassers! Spread the word!'. Sounds pretty idiotic, huh?
[ link to this | view in chronology ]
Quick & Dirty summary,
Responding to a message already entering your home in an unrequested manner, is not and should not be a crime.
[ link to this | view in chronology ]
part of the problem is also ISP's
i had a wireless a few years ago, a netgear wgt624 802.11g
but it was given to me and i decided it was too much aggravation. i put it out with the garbage.
my system sits within 4 feet of the entry point in the wall, and i never move it.
i'm not gonna RTFM. i shouldn't have to. i will call tech support and have them tell me step by step how to lock it down. although it is a 4 port wireless, i will only ever use 1 wired port.
[ link to this | view in chronology ]
part of the problem is also ISP's
i had a wireless a few years ago, a netgear wgt624 802.11g
but it was given to me and i decided it was too much aggravation. i put it out with the garbage.
my system sits within 4 feet of the entry point in the wall, and i never move it.
i'm not gonna RTFM. i shouldn't have to. i will call tech support and have them tell me step by step how to lock it down. although it is a 4 port wireless, i will only ever use 1 wired port.
[ link to this | view in chronology ]
Re: part of the problem is also ISP's
[ link to this | view in chronology ]
[ link to this | view in chronology ]
It's more like your neighbor is leaving his garden hose running... water is spilling into the street.. If you take that water, it's not theft, it's run off onto a public area.
Can't see why wireless is any different. If the neighbor has a problem with you getting the water, he should shut off the hose.
[ link to this | view in chronology ]
wifi
I leave my home network open. I say we share the internet as long as its not some person eating the account up 24x7 with porn or illegal things let them check their email and whatever.
You would be surprised just how many networks are open in town. I had a 6-7mb charter cable signal while on vacation from the deck so I sat out there with my laptop and its built in antenna and had loads of fun. Way faster than my dial up was...now I have a 384kbps+ account so its not so bad.
[ link to this | view in chronology ]
Invitation accepted
Some of you would like to claim I stole dinner? That's pretty idiotic. But then again some of these arguments are clearly written by idiots.
[ link to this | view in chronology ]
Arrest them.
[ link to this | view in chronology ]
leave gaps/ loopholes.. to save a buck or two...
permantly borrowing your neibours files over a shared drive on wireless lan...
"shared"
its justa learning curse / curve
[ link to this | view in chronology ]
Re Those who insistently repeat "It is stealing."
[ link to this | view in chronology ]
Nice counterop to: Those who insistently repeat
2. Good will and sharing. We are one spirit. We wish to share our lives with others. All is not done by laws and formalities as in taxes and roads, munitions and the army. There is private faithbased shariting. Call it charity or call it hospitality.
Our faith is that by being helpful we make life better for others. Call us humble. Call us useful. Call us crazy. Call us those who share in the real ethics of science.
When I set up a network I want to share my purchased property/ service with others. They share with me. The more this happens the fairer it is.
3. This premise as a business model. I've read about a company who has made these units. You pay for the unit and the wireless is free. The company name starts with the letter M and if you know it please email me.
Sharing is a good thing. Open wireless is like Linux. And may Linus continue to be blessed.
Now this agrees with over half of the discrete posters (duplicate entries not counting as duplicate votes) and says it in a different way.
All the best in this season to you and yours.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
open and free
[ link to this | view in chronology ]
Nice try
If someone comes to your front door and eats your cookies (no tech-pun intended) they know they're taking something that they haven't been specifically invited to take BUT, no court in the land will charge them with theft and it's not that much of a stretch to infer they were left there for guests. (Lot's of geeks share, I share my signal.)
So yes, you're taking something that a considerate person wouldn't take without specific permission (a note that says "have a cookie!" or a SSID of "free_access") but being inconsiderate (and it IS being inconsiderate) does not make one a criminal - just kind of a jerk.
If your neighbor has an open signal be a good geek and tell him, offer to lock it down for him and ask him if he'd like to share (safely.) If he doesn't care if it's open, all the better but to not say anything and exploit is, at the very least, impolite (and you know it - don't rationalize!) What it isn't is criminal.
[ link to this | view in chronology ]
Not on my IP address!
I dont like the risk of someone doing something illegal
through MY IP ADDRESS.
That's it in a nutshell. I have no problem configuring a separate
open network and with the sharing aspect per se. The problem
is: I don't know who I would be sharing with, and the an open
connection means that my house becomes responsible for the
traffic flowing through it. What if they launch a deluge of
spam? a ddos attack? What if they use the open connection
to email threats to someone?
There are too many unknowns to expose my personal house/IP
address like that. Someone could drive by in the middle of the
night, do something stupid, and I wouldn't know until a day or
so later when I get agents at the door or whatever.
It's not worth it! If I were running an Internet Cafe, that's different,
because you expect to have anonymous traffic. The bit about
opening a household IP is just.. well .. too close to home to
be comfy with!
[ link to this | view in chronology ]
Ignorance
Since when did ignorance hold up in court as a valid defense? Last time I checked, "Um sorry officer, I didn't know." was a defense at the law enforcements discretion/mood at the time. Not a valid argument in a court of law.
I am sure there are a 1,000+ anecdotal responses to this. That is true as there are ALWAYS exceptions. As a general statement, the more serious the offense is, the less value an ignorance plea holds. In the case of 'stolen' wifi, if it IS serious, there is more than likely some malicious intent going on and the ignorance plea is moot. Otherwise, the insignificant 'costs' incurred by someone casually using your open wifi signal wouldn't even make it to small claims court. You can call it the cost of electricity, bandwidth, lag in your streaming porn, or whatever else you need to rationalize it with. It is still insignificant and would cost you more in gas to visit your lawyer.
This country has definitely lost its grasp on self-accountability and responsibility. It is always someone else's fault or you're the victim. To quote Dennis Leary, get a f*cking helmet!
[ link to this | view in chronology ]
Stop whining and encrypt your shit or shut the fuck up.
Considers SERIOUSLY suing my neighbors for ATTACKING me with low level radiation !
[ link to this | view in chronology ]
North
You're all just part of this weird dream I had. The dream started off with some guy named Al Gore inventing something called the Internet. It was a very strange dream indeed.
[ link to this | view in chronology ]
"piggybacking"
Certainly any hacking is ethically wrong, but using something that's wide open to me, right from my own home is not wrong.
Securing one's connection is just too easy. If they don't it's their own fault.
[ link to this | view in chronology ]