Once Again, Basic Detective Work Tracks Down Criminal Activity Done On Open WiFi

from the not-so-difficult dept

Thu, Aug 18th 2011 7:00pm — Mike Masnick

One of the things we hear over and over again about the evils of "open WiFi" is that it allows criminals do horrible things on a network with no way to track them down. We've always pointed out how ridiculous this is. Just because someone does something on a network, it doesn't mean they don't necessarily leave other clues that can be uncovered through basic detective work. And, time and time and time and time and time again, we see stories of basic detective work being used to catch criminals on open WiFi networks.

Here's yet another example. In a case involving a disgruntled former IT worker logging into his former employer's computer systems and pretty much deleting everything important (including "the company�s e-mail and BlackBerry servers, as well as its order-tracking system and financial-management software"). These sorts of things happen every so often, and the responsible party almost always gets caught.

In this case, Jason Cornish used an open WiFi network at a McDonalds to do his dirty work. But there was enough evidence to link the crime to Cornish (beyond basic motives). For example, investigators discovered that he had made a purchase of some food at that McDonalds about five minutes before the deletion began. Honestly, it looks like he wasn't particularly careful in a variety of things that he did -- but that's kind of the point. The fear about how open WiFi will be regularly abused and there will be "no way" to track down those responsible is a huge exaggeration. Perhaps there are some users who are careful enough not to leave a trail, but those sorts of people will figure out a way to do what they want with or without open WiFi. The fear of untraceable hackers on open WiFi is way overblown.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: crime, detective work, open wifi, wifi

24 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

fb39ca4, 18 Aug 2011 @ 7:02pm

I think the fear is more of people copyright infringing on open wifi, especially with the 6 strikes law.
First comment w00t!
[ link to this | view in chronology ]
- Capitalist Lion Tamer (profile), 18 Aug 2011 @ 7:16pm
  
  Re:
  Your boxful of canceraids is on its way, courtesy of the regulars at the Onion AV Club. (It's all part of that Web 2.x open-communication strategy. Or whatever.)
  [ link to this | view in chronology ]
blaktron (profile), 18 Aug 2011 @ 7:19pm

At least we can always count on the stupid criminals to draw you a map to their house with their credit cards while they hack...
[ link to this | view in chronology ]
- A Guy, 18 Aug 2011 @ 8:48pm
  
  Re:
  The same thing happened to a family member who got her wifi hacked. The hacker managed to steal paypal info, and then left their address behind where she could see it. By and large, criminals, even criminal hackers, are a dumb bunch.
  [ link to this | view in chronology ]
  - Onnala (profile), 19 Aug 2011 @ 7:57am
    
    Re: Re: Correction
    There are a lot of dumb criminals, but like with most things, there are always a few that do know what they are doing.
    [ link to this | view in chronology ]
Damin, 18 Aug 2011 @ 7:31pm

Our own detective work in helping nab an online thief
Our customer service department discovered a couple of fraudulent transactions with stolen credit cards.

For the first instance, I traced the IP address of the transaction to a wifi spot belonging to a hotel. When we found a second transaction originating from the same IP address, we notified that card's owner.

The second victim asked how the card was compromised. Our customer service rep mentioned the hotel wifi hotspot and the victim said they stayed at that hotel. When we recontacted the owner of the first card we asked them about the hotel. That person said they stayed at the same hotel on the same night.

Once the local authorities got involved, it was revealed that only one person worked the front desk at that time these two victims checked in, as well as the time the two fraudulent orders were placed. Last we heard the alleged fraudster/front desk person was fired, and I'm pretty sure charged with at least two counts of identity theft.
[ link to this | view in chronology ]
Anonymous Coward, 18 Aug 2011 @ 7:53pm

"Basic Detective Work"

[emphasis added]

But ... but ... but ... convenience!!!!
[ link to this | view in chronology ]
out_of_the_blue, 18 Aug 2011 @ 8:30pm

Feeble thesis. %99 percent is coming up with a suspect.
They weren't sifting through ALL open wi-fi, they took his credit card purchase record and made a likely conjecture. It's easy once you have a name, and of course, this is a classic "disgruntled former employee", be absolutely the first place ANY cop would look, just as they went immediately to OJ's house. Completely by the book.

So as usual, you begin with a strawman you wish to demolish, put some irrelevant text through your sausage machine, and smugly write QED.
[ link to this | view in chronology ]
- Anonymous Coward, 18 Aug 2011 @ 8:37pm
  
  Re: Feeble thesis. %99 percent is coming up with a suspect.
  Who said they sifted through all open wi-fi? You're the only one to even suggest such a thing.
  
  Once again, you start with a premise that never existed, and try to argue against it. Do you enjoy arguing with yourself so much?
  [ link to this | view in chronology ]
  - BeeAitch (profile), 18 Aug 2011 @ 11:31pm
    
    Re: Re: Feeble thesis. %99 percent is coming up with a suspect.
    STOP FEEDING THE TROLL
    [ link to this | view in chronology ]
    - The Devil's Coachman (profile), 19 Aug 2011 @ 12:45pm
      
      Re: Re: Re: Feeble thesis. %99 percent is coming up with a suspect.
      True. On the other hand, beating trolls has a great deal of merit.
      [ link to this | view in chronology ]
- Anonymous Coward, 18 Aug 2011 @ 8:48pm
  
  Re: Feeble thesis. %99 percent is coming up with a suspect.
  Newsflash: You're agreeing with the post. Might want to rescramble your gibberish a few more times.
  [ link to this | view in chronology ]
chris, 18 Aug 2011 @ 10:01pm

It is kind of a straw man. Mike should link to or include a quote from an article mentioning these types of crimes being a major concern as he implicitly suggests.

Most of the news about the problems with open-wifi have been concerns over copyright infringement. For example this article about potential banning of open hotspots mentions that as the primary concern.
http://www.zdnet.co.uk/news/networking/2010/02/26/open-wi-fi-outlawed-by-digital-economy-b ill-40057470/

Sending personal information over a network is obviously much easier to trace. A semi-knowledgeable person using it to exchange media files has virtually no chance of getting caught.
[ link to this | view in chronology ]
Anonymous Coward, 18 Aug 2011 @ 11:27pm

"The fear of untraceable hackers on open WiFi is way overblown."

There is just so much wrong with this single statement, that it is beyond understanding.

Open WiFi is, without a doubt, one of the biggest security holes on the net. Combine it relays, VPN, or other "cloaking" and the end user is all but invisible.

To dismiss it off handed because of a single case (that really has little to do with WiFI beyond "means", as he was tracked down not for technical reasons, but because he was an disgruntled employee stupid enough to make his presence known at the WiFi location) is an incredible reach, a huge logical jump.

It makes you wonder what other amazing logical jumps have been made in the name of getting this to line up with the Techdirt universe.
[ link to this | view in chronology ]
- Anonymous Coward, 19 Aug 2011 @ 12:59am
  
  Re:
  Woohoo! Go Dr. Horrible! go!
  [ link to this | view in chronology ]
- Anonymous Coward, 19 Aug 2011 @ 2:56am
  
  Re:
  "Open WiFi is, without a doubt, one of the biggest security holes on the net"
  
  No, it is not. Badly written applications are. Remember: Sony was "hacked" because of a simple SQL injection attack, one of the most preventable of attacks.
  
  Talk about logical jumps...
  [ link to this | view in chronology ]
  - Anonymous Coward, 19 Aug 2011 @ 2:59am
    
    Re: Re:
    Oh, and I almost forgot another big security hole: clueless network admins that forget to revoke passwords from disgruntled employees and to audit the network after said employee was fired.
    [ link to this | view in chronology ]
- WysiWyg (profile), 19 Aug 2011 @ 11:40am
  
  Re:
  I'm fairly sure that anyone knowledgeable enough to "combine it relays, VPN, or other 'cloaking'" would also be able to do a quick google-search on how to hack a "secure" WiFi.
  [ link to this | view in chronology ]
fb39ca4, 19 Aug 2011 @ 12:44am

In the near future:
"Public" wifi networks will be "secured" with WEP, so the owners can say they are secure, and all computers will have WEP cracking integrated in their wifi drivers.
[ link to this | view in chronology ]
Jake, 19 Aug 2011 @ 1:46am

I can think of three ways he could have spoofed the investigation without even trying. No the the guy was let go.
[ link to this | view in chronology ]
Anonymous Coward, 19 Aug 2011 @ 3:31am

Great. You found 5 articles saying they caught "criminals". Now how about you post the 1000's where they haven't caught anyone?
[ link to this | view in chronology ]
- Chicken Little, 19 Aug 2011 @ 4:55am
  
  Re:
  The sky is falling
  [ link to this | view in chronology ]
Jimr (profile), 19 Aug 2011 @ 6:11am

Watch American Greed the other night and it was about hackers. The guy set up shop in areas with multiple open wifi and used a booster to get some better range and then alternated which ones he used for the attack.

I saw another show where the hacker rented a office space far away (more than 10 block, but still in line of sight) from then open wifi and then constructed an 10 foot antenna and directed right at the open wifi location.

My point is stupid criminals get caught. It is the smart criminal that I worry about...
[ link to this | view in chronology ]
Mallorca, 20 Nov 2013 @ 9:38am

Re:
Criminal are not so intelligent than detectives or, at least, they dont have the time to think so much.
[ link to this | view in chronology ]