Judge In Google WiFiSpy Case Trying To Determine If Packet Sniffing Open Networks Is An Illegal Wiretap
from the it-shouldn't-be... dept
In the consolidated cases against Google for intercepting some unencrypted data passing over open WiFi networks as part of its Street View operation, the judge is now looking to determine if basic packet sniffing is the equivalent of an illegal wiretap. Google, and one would imagine, most people who understand the technology, are arguing that's silly. The nature of WiFi is that it takes the unencrypted bits and makes them wide open to anyone on that network. That's how the technology is designed. If you don't like it, you encrypt. Arguing, retroactively, that seeing the data that is put in the open on purpose is somehow an illegal wiretap seems silly, but that's what the case hinges on. Hopefully, the judge is either technologically savvy enough to understand this, or can be well educated in the nature of how an open WiFi network works... Otherwise, a lot of people may be facing wiretapping charges for activity that many people consider perfectly normal on a network.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: open wifi, packet sniffing, wifi, wiretap
Companies: google
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
The FBI
If the FBI were driving vans around American cities silently sniffing wireless networks, would you approve?
How can we prohibit the government from doing this kind of thing, yet let companies do it (particularly since companies can do it, and then sell the data to the government).
Even though the tools to sniff networks are widely available, I think there are legitimate arguments to be made that sniffing content going across someone else's network should be considered a violation of the wiretapping act.
[ link to this | view in chronology ]
Re: The FBI
I think it would be better if instead of doing it silently they played 'Turkey in the Straw' like an ice cream truck. Other than that it is radio traffic that is being broadcast into the air. If no method is used to indicate otherwise i.e. encryption any one should be able to 'listen in' with out it being a crime. No whether that can be done by the State without a warrant for use in a criminal investigation may be more debatable, or not.
[ link to this | view in chronology ]
Re: The FBI
I'm a different Mike, but I would ABSOLUTELY approve. Saying they cannot is like telling the police that they need to wear headphones so they cannot overhear people talking on the streets.
The real problem is even worse. If you have a wi-fi enabled device and you walked past an unencrypted access point, you have also violated the law. Wi-fi antennas pick up all of the traffic and filter out everything except the SID you have enabled (if you have enabled one). At a packet level, everyone with a wireless device is guilty of what Google has done.
Yes, they kept this information rather than immediately filtering it out, but can someone really argue that the length of time a wiretap log is held matters?
[ link to this | view in chronology ]
Re: The FBI
[ link to this | view in chronology ]
Re: The FBI
Me and my friend go to the middle of the street and start having a "conversation" while shouting as loud as we can. An FBI agent, which has hearing problems, and cannot hear without his hearing aid, passes by. After seeing two people making a weird scene (imagine two nuts shouting at each other), he goes like "WTF?" and turns on his hearing aid.
BAM!
According to you, he goes to jail for eavesdropping. Nice.
[ link to this | view in chronology ]
Re: Re: The FBI
The courts would not agree with this (well, maybe they might in this current day, but they hopefully would get struck down by the Supreme Court.)
If you broadcast that you are committing a crime, and the police happen to hear this broadcast, then they can arrest you and the evidence will not be dismissed, whether you are on the street corner, on the radio, or on the internet. It is different if you are having a private conversation, but broadcasting is not private.
What the defense could argue, in the case of an unencrypted wifi transaction is that like cell-phone and wireless telephones, which have special restrictions in the law when it comes to interception of communications, but that is because these channels may be open, but the conversation carried on these channels are considered private. If a wifi device allows anyone to connect and send/receive traffic, the conversation is hardly private.
But this only effects government eavesdropping and rules of evidence...any private person can eavesdrop to their hearts desire (and in most cases unless they record the conversation or listen to cell-phone/wireless telephones, can do so legally.) The only way to be sure your transactions are secure are to use encryption and monitor sessions...and even then you can never be entirely sure the transaction isn't being monitored/recorded by a third party.
[ link to this | view in chronology ]
Re: The FBI
The 'actor' isn't the issue here it's the act itself.
WiFi is a broadcast medium and technology - that is it's nature and intended purpose - if it's not encrypted it's *public* and there are many ramification to ruling otherwise.
And of course this being a class-action, harm should be proven which is very difficult here as well.
So I'm sorry the case against a company you so passionately hate is very weak, but the imagery of vans and the FBI doesn't really help your case nor credibility.
[ link to this | view in chronology ]
Re: The FBI
Maybe we need to have something like a Department of Computers and Technology (the DCT - like the DMV) where people have to go get a license before they allowed to use any network-connected device.
/end rant
[ link to this | view in chronology ]
Re: Re: The FBI
I like that. To further this train of thought. Anyone who buys a computer from places like Bestbuy, Dell, Gateway, HP, Apple, etc... they should be sent to a class on how to work with computers.
[ link to this | view in chronology ]
I wonder if any cordless phone eavesdropping laws may apply here. I think those laws probably vary from state to state, but from what I gather, RF scanners used to be able to legally scan any frequency it could. Older RF scanners can still pick up on cordless phone conversations but there are new laws that prevent newer ones from having that ability. To what extent can this apply to Wifi?
[ link to this | view in chronology ]
Re:
Perhaps a cordless phone eavesdropping law might better apply to someone who has a wifi router without any encryption capabilities and to someone who can't reasonably afford a wifi-router with such capabilities.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
I don't know about the US, but I don't believe *any* UK WiFi kit ever (and certainly not since it became "consumer" instead of "rich business toy",) does not have at least WEP capability. OK as encryption goes it's about the equivalent of a "No Trespassing" sign on a fenceless property, but it *is* at least a go-away sign and whispering instead of the "shouted conversation in the street" equivalence of unencrypted WiFi.
IMO If you don't put *any* protection of WiFi you can't claim any privacy over people listening to you shout, if you put up the "go-away sign", that's where the law should kick in no matter how easy or hard it is to listen after that.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
If you left your house open, would it be fine for me to get in, make myself a sandwich, read TechDirt and other dirty sites on your PC and spend a night in your bed?
[ link to this | view in chronology ]
Re:
You are missing a small point - these were captured from the street (a public place). No trespassing involved. Your analogy fails on the "get in", the "make myself a sandwich" and the "spend a night in your bed" parts.
The part about reading TechDirt and other sites is close - but you would be standing at the sidewalk watching through a window while someone else controlled the computer.
This is really simple - if you don't want your WiFi signal being broadcast through your neighborhood, hard wire your computer to your router and shutoff the wireless. No different than cordless phones vs. wired phone.
[ link to this | view in chronology ]
Re: Re:
Why is trespassing prohibited? It's easy, you just turn left from the pavement, go to the door, push the handle and you're in.
It's prohibited because most people are not fine with it. And it's the same with wifi snooping.
Another example. Would it be fine if your ISP saved all your browsing history, all your IM chats etc.? You willingly give all this data to them and (unlike with most wifi users) you're aware you do so. If you don't like it, you can prohibit them from doing so by using encryption everywhere. So would it be fine for them to save all this data in case they find some use for it?
[ link to this | view in chronology ]
Re: Re: Re:
Why is trespassing prohibited? It's easy, you just turn left from the pavement, go to the door, push the handle and you're in.
Yes, you did miss the point, and by a mile.
Google didn't go to the door, push the handle and go in. They stood in the street. In public.
If you were standing naked in your living room in front of the great big picture windows with no curtains, would you be upset if someone saw you naked? Well, then don't stand naked in front of the window stupid!!!
Same issue here. People are broadcasting their wifi signal in public. It is their own fault if others can see it.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
Analogies are great when you are explaining the basics of a concept, but once everyone understands the basics you should be capable of speaking in concrete language about the subject matter. Anyone who uses analogies in an effort to explain an advanced concept usually does so because they understand the analogy but not the advanced concept.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
Actually, I am OK with wifi snooping or war driving. I encrypt my wifi with WPA and a 20+ character alpha-numeric password that will take a few years to crack via brute force.
Another thing that you are perhaps missing - you are pushing the wifi signal out into the street - not the other way around.
With unencrypted wifi it's like putting a table full of cookies near your sidewalk with a sign that says "Free - take one".
If don't want people to take your cookies, then don't put them on the lawn with the sign (ie: encrypt your wifi).
[ link to this | view in chronology ]
Re: Re: Re: Re:
Not so much actually - especially if you're using the standard "Pre-Shared Key" implementation for home use. Think minutes, hours at best - last time I looked at it and that was a while ago, even WPA-2 wasn't that hard to break with the right tool.
All that's kinda beside the point though and that's where the physical analogy breaks down - encrypt at all even with WEP and you are saying "go away it's private". Indeed there are already laws about breaking computer encryption for "copy protection" so dumb though they may be I don't see any reason that same standard shouldn't apply to WiFi. On the other hand unencrypted as you say you are literally shouting in the street and shouldn't have any expectation of privacy.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
Well, getting the info needed to break WPA or WPA2 is easy and only takes minutes to collect. But, the hard part is actually cracking it, since you have to brute force against a dictionary database.
I have (just for education, nothing nefarious) cracked 3 of my neighbors WPA encrypted routers. The first database I ran them against is one with all of the available phone numbers in my area and *tada* all three used their DSL line phone numbers as passwords.
Four others around me I haven't been able to crack (even against a million word database) because they are using strong passwords with numbers and letters in random patterns.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
http://www.techdirt.com/blog/wireless/articles/20110418/15424813942/judge-google-wifispy-case-tryi ng-to-determine-if-packet-sniffing-open-networks-is-illegal-wiretap.shtml#c291
and
http://www.tech dirt.com/blog/wireless/articles/20110418/15424813942/judge-google-wifispy-case-trying-to-determine-i f-packet-sniffing-open-networks-is-illegal-wiretap.shtml#c364
(Wow, can't these links be shorter?)
And with the cookies analogy, think about a granny sending cookies from one place in their home to another in their home. It's clear that if they do their way via the wild, something is wrong and it's not fine to reach out and take them.
But really, talking about cookies in here is wrong.
1. There are things more important than cookies. Much more.
2. If sb. takes your cookie, you can find out.
3. Cookies are scarce, so taking them is something very different.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
Look, if my data is encrypted with a strong password then all someone can see is gibberish and I am not worried about it.
Besides, every time anything I do online goes through an AT&T hub, it is being collected by the government anyways. So what you are saying actually happens all day, everyday.
[ link to this | view in chronology ]
Re: Re: Re:
So if someone is looking through what you're doing on a unencrypted wifi signal... they are doing EXACTLY what they are supposed to be doing by the design of wifi.
I hope this clears up any misconceptions you have, and allows you to extrapolate exactly why your ISP example has no baring on this what so ever.
[ link to this | view in chronology ]
Re: Re: Re: Re:
Show me *any* wifi ad that shows strangers sniffing owners' whole communication. It doesn't matter what engineers wanted from a technology, what does is what it turned out to be - a major form of doing private communication. It's terrible on the privacy front, but only like 5% of society knows this. So technology should be improved to better serve it's purpose. But in the meanwhile there are needed other ways of ensuring that the 5% doesn't harm the other 95%. In such cases social mores usually work well enough, but in case of Google they didn't. I don't know whether what they did was illegal, but it should be.
And I don't see any difference from ISP in what you told. ADSL and most other popular networking technologies don't have any security either, 3rd partied are free to add them if they wish so.
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
Sorry sir, but you failed computer history 101, please head back to school. I suggest reviewing the Wikipedia page for ARPANET and History of the Internet.
The "internet" was designed to be a connection of networks (hence the name Internet is a shortened name for Interconnected-Networks,) some of which were run by the military. ARPANET (which was the precursor to the internet,) was a research and development network, created to link the defense research labs with universities which were doing their work. It was not designed to be a military network, as it was not exclusive to the military (if it was, you likely never would have heard about it or would be using it now.) ARPANET was designed to link the military with universities around the country in order to share the few high-powered research machines that existed at the time. As more and more networks were connected to ARPANET, the name was changed from ARPANET to NSFNET to the Internet.
[ link to this | view in chronology ]
Re:
Wifi is a broadcast. If you don't want people viewing the Wifi traffic you are broadcasting in public then encrypt it.
A better analogy would be ... you take all your furniture our of your house and set it up on the lawn. Now, with everything on the lawn, in full public view, would you be upset if someone came over, made themselves a sammich and spent the night in your bed?
Well, you might, but you can't fault someone for using something that you placed in full public view without placing any restrictions upon their use.
Therein lies the issue ... restrictions. If you are broadcasting Wifi unencrypted, you have not places any restrictions upon its use. If you can't figure out how to encrypt it, that isn't my problem, just as it isn't my problem if you decide to live on the front lawn.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
sb. ??????
People seem to be having trouble with this simple concept. Unencrypted WIFI is BROADCAST TO THE WORLD with no protection. Granted, early Wifi routers did not enable encryption by default, but it is available. All you have to do is RTFM.
Modern Wifi routers have encryption turned on by default. All the major players (at least where I live) have routers that are encrypted OUT OF THE BOX.
What you are talking about is using specialized equipment to read a signal that is not being broadcast. My internet traffic is run through a cable from my house to my provider. It is point to point traffic, intended for two parties, me and my provider. Unencryped wifi being broadcast and can be read by anyone who cares to receive the signal.
Lets try this definition of broadcast: circulate: cause to become widely known
Does that make it any clearer for you? Unencrypted wifi is broadcast ... to everyone.
Would you feel it's fine if I convinced you I do it to you?
So you're the one. I knew it!
[ link to this | view in chronology ]
Re: Re: Re: Re:
Neither is broad, really, even with your definition and that's a big point.
But really, a bigger one is that good majority of people have reasonable expectations that technology that they use just works. Hardly any wifi router sold up to c.a. year ago (when Google did the spying) had even basic security enabled and almost everybody connected them and were happy when they worked. These were not idiots but regular people that just were not skilled in some field of technique. It's unreasonable to ask everybody to become expert in everything and that's why laws that protect us from others abusing our skillessness make sense.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
WWEEEET! WWEEEET! BS detector activated. Here is a study from 2006 showing basically completly disproving all of your guesses about how many people secure their router, how many routers come with default security, etc.
http://www.informatics.indiana.edu/mhottell/research/Predictors%20of%20Wireless%20Security.p df
And that is already 5 years out of date, I can't imagine security has declined significantly since then.
The majority of people know about securing their wireless data (or they don't know about it but do it anyway) and one would imagine that some people actively choose not to implement security. That means a small minority either don't know or care that they are broadcasting their information. Either way applying wiretapping laws makes no sense in this situation.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
Here are (reports of) studies conducted by various groups in various locations:
In 2003, NetStumbler estimation (not a study) was 15-20%
2005:
Gartner predicted the number would be 20% in 2 years:
http://news.cnet.com/Worried-about-Wi-Fi-security/2100-7347_3-5540969.html
2006:
40%
http ://www.bizjournals.com/milwaukee/stories/2006/05/29/story2.html
2008:
Airports only, 20%:
http://www.scribd.com/doc/2675160/AirTightAirportWiFiScanAnalysis
2009:
20%
http://www.tgda ily.com/security-features/40986-cops-in-mumbai-say-unsecure-wi-fi-aids-terrorists
2011:
6% WEP, 16% WPA2
http://www.indianexpress.com/news/how-secure-is-your-wifi-only-16-safe-networks-cops/736873/0
During the search I saw many studies that showed vastly different results like the 60% that you showed.
So the only think I think we can settle is that a significant part of wifi networks is unsecured.
And my opinion is that "I don't care" is not among statistically significant reasons, dwarfed by ones like "What do you mean?", "Who would do this?", "I think the person who set it up did it right" and such. The opinion is based entirely on personal experience.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
Numerous studies show that most people either secure their network or actively choose not to (ex. airports), with some smaller percentage of people not having any idea.
My argument is that you don't need a law because consumers already have tools to solve this problem and a law simply increases complexity and leads to frivolous, useless lawsuits ... namely this lawsuit against Google.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
I have to disagree with you on this.
First, a legal precedent saying that intercepting unencrypted wifi is illegal would make the situation worse. It would give the average person a false sense of security that doesn't exist.
Second, this really more of a common sense kind of thing. Pickpocketing is illegal, right? But, when I walk out into a crowd, I move my wallet to my front pocket for security reasons anyways.
Third, we are not talking about rocket surgery here, a couple of screens and your done. My ISP will even walk you through it over the phone if you need help.
[ link to this | view in chronology ]
Google presumption
[ link to this | view in chronology ]
Re: Google presumption
> who worked for Google was going through your
> wallet
If you left your wallet behind at the register, you'd have to be an idiot to expect no one would go through it, if only to find who it belonged to in order to return it.
[ link to this | view in chronology ]
Re: Google presumption
I think you have managed to combine the highest amount of reverse-logic and thickheadedness ever seen in one post.
You are either a fool repeating Faux News talking points/some other script for the hard-of-thinking or (and this option is almost better) you are simply a paid or unpaid shill doing your best to attack google.
Let us hope unpaid, as you would not be providing your moneys worth.
In short, you are a ludicrous parody of a buffoon or simply a buffoon.
[ link to this | view in chronology ]
Re: Google presumption
And yes, that's a crap analogy, but then so was yours.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
WEP = Wired Equivalent Privacy
It creates a pretty clear line: if you're cracking WEP, regardless of how easy that may be, your access is clearly unauthorised and illegal (and if you're cracking WPA2... well, that's actually kinda impressive, but still illegal).
But when someone has their network wide open, then neighbours and passersby are going to see that traffic.
[ link to this | view in chronology ]
This question is no more complicated than that.
"If the FBI were driving vans around American cities silently sniffing wireless networks, would you approve"
They are on a public street, picking up an open, unsecured broadcast.... If you are concerned about that or the data moving over the network - encrypt it.
See technically - if the broadcast reaches *MY* car, you are broadcasting *your* data into my private property. There's not even a question at that point - who is infringing upon who?
But then I get kicks out of doing the opposite - leaving the network wide open and packet sniffing those who connect... ^.^
[ link to this | view in chronology ]
Re:
These are 2 separate things.
If a plane makes an emergency landing on your lawn, it doesn't make the plane yours, you can't take any part of it, you can't take anything from people inside. It is a limitation of your property law, sure. And if it harms you because you wanted to make a party on that lawn (or because the lawn is destroyed), you can seek damages - by negotiations or in court, not by taking what you feel should be yours.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
Really, really flawed analogy...but your like 0 for 30 in the analogy department so far.
If you and I share a fence, and I have a tree growing on my side which produces lemons. If my tree crosses over the shared fence into your yard, under most property laws, the tree may belong to me but the lemons on your side of the fence belong to you (as does the branches, so if you wanted, you could go and cut down the branches on your side of the fence if you wanted to.)
Mine is an equally crappy analogy, because a wifi device is an access device, and theoretically I could press charges if you accessed my wifi router without my permission, but since I am broadcasting my traffic to you (like playing a radio in my house or standing nude in my front room,) it certainly shouldn't be illegal for you to sniff my traffic, listen to my radio, or accidentally see me standing nude in my front room.
[ link to this | view in chronology ]
Re: Re: Re:
Better analogy than some. :)
That's kind of my take on this too. If you don't want me seeing your wifi signal - then keep it within your own property and away from my property and public places.
(I did read about a "anti-wifi" paint awhile ago, kinda like a poor man's Faraday Cage)
[ link to this | view in chronology ]
Oh noe!
I guess Internet wasn't built in 01 day and it hinges for it needs to be looked at every possible angle Information Systems has but essentially, it's a wave!
[ link to this | view in chronology ]
Wireless Security
On a more serious note however, I think it very important to establish a precedent on this matter for the future. Having spent some time doing penetration testing of my own wireless networks and those of my friends (purely for fun and with their knowledge) I can say for certain that it doesn't matter what encryption you use, it can be broken, with ease, and rather quickly.
For example, the AES256 bit block cypher used by WPA2 encryption with a 64bit key (this is mandated for banks nation wide) is heroically hard for any top of the line computer to crack at this point (the time necessary is calculated in years, even if that time is dropping drastically with GPGPU computing). However if you spend twice what you would on a top of the line system, and buy cheap parts, you can build yourself a small computing cluster. With 64 processors clocked at 1ghz (or less)and minimal RAM in the unit the ability to crack that password drops to hours. If you have a significant compute cluster with hundreds of cores or more running on fast CPU's you can take the time down to minutes (as in about 10 minutes).
(don't forget to think about all the bot-nets out there, the kind of clusters I'm talking about are more centralized and in general more stable and reliable, however the bot-nets can be utilized in the same fashion with a little work)
Now given what I have said it is important to think in terms of what equipment the government would have available if they chose to do wiretapping of this nature. They would have a rather good compute cluster that they can hook into from the field (no reason to carry the equipment with you after-all) and break into any wireless network in minutes.
So my two cents.
This is not a case of illegal wiretapping.
However depending on the verdict and the phrasing of the judge during the ruling, this could create a dangerous precedent issues with what the gov't can legally get away with in the future.
[ link to this | view in chronology ]
Talking through megaphones
[ link to this | view in chronology ]
Re: Talking through megaphones
[ link to this | view in chronology ]
Re: Talking through megaphones
I agree with you but it occurs to me that if those 2 people were singing a popular song, then the RIAA would probably declare it illegal and demand public performance fees.
[ link to this | view in chronology ]
Hmmm
Say you hitch up a PC for grandma so she and the grandkids can keep in touch via email. Grandma loves it, but becomes bedridden and so turns on this new fangled wifi so she can use her ipad (lol) from bed for the same purpose. Now grandma knows nothing about anything tech wise other than email.
And someone comes by and steals grandmas cookies...Is that right?
Point is not everyone knows enough to protect themselves.
[ link to this | view in chronology ]
Re: Hmmm
WARNING! Flawed assumption alert!!
Who took advantage of what?
Google did nothing more (and nothing less) with the encrypted traffic they received, they used the SSIDs to help develop a geo-locating system. So far there has been no evidence that they did anything with the additional data at all.
IF (and this is a big if) Google did something inappropriate with the data they collected you may be able to make some legal argument about privacy violations; however, if all they did was collect the data and then eventually destroy it, why would grandma's panties be all bunched up?
[ link to this | view in chronology ]
On the other hand, the mens rea of the listener should matter a lot too. In this case, Google did not intend to store that information and deleted it as soon as it found out. Their intention was obviously NOT to wiretap and therefore it makes sense for them to not be guilty of any offense. Had they intended to capture that information and use it, that would be a whole different ball of wax.
The issue is not whether Google knew that what it was doing was legal or not. It is more whether Google knew what it was doing. And in this case, the evidence seems to be they didn't realize they were capturing private information.
[ link to this | view in chronology ]
Re:
Your privacy rights disappear when the signal enters the public domain. If you want it private, don't put it in the public domain.
There should be no expectation of privacy for unencrypted wireless, or unencrypted radio, television, etc. If you don't want something shared, keep it private.
An uneducated computer user (most people) probably does not understand how their wifi works and they probably don't understand concepts such as packet-sniffing.
Every wifi device I've purchased in recent months have come with documentation warning the person using the device that they need to turn on encryption. If you are a moron in a hurry, you shouldn't have a computer, or a car, or a house, or anything else. The law should not protect the foolish (why, oh why, do we have to put warning labels on everything.)
Plus, going wireless has inherent risks, regardless to whether you use encryption or not. As we say in EVE Online...you aren't completely safe anywhere in space...and this includes life in general. If you are broadcasting, you are transmitting your data to everyone around you, whether it is encrypted or not, and people may be able to discover what you are transmitting, whether or not the law is on your side. Build a faraday cage and condition all wires entering and leaving your site if you are worried about your data, or realize that you aren't safe, and do what you can to increase the difficulty/decrease the payoff of compromise.
[ link to this | view in chronology ]
Re: Re:
A law would just give people a false sense of security and further insulate them from taking the most basic responsibility, which in most cases means using the install disk to setup your wireless with encryption.
I think a common misconception is that laws "stop people from committing illegal acts" when the reality is that laws only punish people after the act has been committed. If you have some horrible secret that you would never want revealed would you rather: A) have it kept secret via WiFi encryption OR B) have an opportunity to sue your neighbor after they packet sniffed your network and revealed your secret to everyone you know?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Another unintended consequence....
Even assuming you put in a provision for "accepted but thrown away" packets (it's a broadcast medium - your wireless card picks up EVERYTHING and *then* decides what was aimed at it) as someone else pointed out, you'd pretty much stuff a large chunk of wireless security on the corporate side.
Most decent wireless solutions do IPS/IDS and analyse detected "rogue" access points and signals for intrusion attempts. Declare interception illegal and you've just reduced the security of every major corporate wireless network and rendered them unsafe to use. Last major system I saw in a business in a residential area was tracking and monitoring (and whitelisting/blacklisting as necessary) over 100 extraneous access points and often the clients of them. That's a whole lot of counts of a criminal charge and/or a lot of lawsuits just for keeping your data safe.....
[ link to this | view in chronology ]