Once Again, Basic Detective Work Tracks Down Criminal Activity Done On Open WiFi
from the not-so-difficult dept
One of the things we hear over and over again about the evils of "open WiFi" is that it allows criminals do horrible things on a network with no way to track them down. We've always pointed out how ridiculous this is. Just because someone does something on a network, it doesn't mean they don't necessarily leave other clues that can be uncovered through basic detective work. And, time and time and time and time and time again, we see stories of basic detective work being used to catch criminals on open WiFi networks.Here's yet another example. In a case involving a disgruntled former IT worker logging into his former employer's computer systems and pretty much deleting everything important (including "the company’s e-mail and BlackBerry servers, as well as its order-tracking system and financial-management software"). These sorts of things happen every so often, and the responsible party almost always gets caught.
In this case, Jason Cornish used an open WiFi network at a McDonalds to do his dirty work. But there was enough evidence to link the crime to Cornish (beyond basic motives). For example, investigators discovered that he had made a purchase of some food at that McDonalds about five minutes before the deletion began. Honestly, it looks like he wasn't particularly careful in a variety of things that he did -- but that's kind of the point. The fear about how open WiFi will be regularly abused and there will be "no way" to track down those responsible is a huge exaggeration. Perhaps there are some users who are careful enough not to leave a trail, but those sorts of people will figure out a way to do what they want with or without open WiFi. The fear of untraceable hackers on open WiFi is way overblown.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: crime, detective work, open wifi, wifi
Reader Comments
Subscribe: RSS
View by: Time | Thread
First comment w00t!
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re: Correction
[ link to this | view in chronology ]
Our own detective work in helping nab an online thief
For the first instance, I traced the IP address of the transaction to a wifi spot belonging to a hotel. When we found a second transaction originating from the same IP address, we notified that card's owner.
The second victim asked how the card was compromised. Our customer service rep mentioned the hotel wifi hotspot and the victim said they stayed at that hotel. When we recontacted the owner of the first card we asked them about the hotel. That person said they stayed at the same hotel on the same night.
Once the local authorities got involved, it was revealed that only one person worked the front desk at that time these two victims checked in, as well as the time the two fraudulent orders were placed. Last we heard the alleged fraudster/front desk person was fired, and I'm pretty sure charged with at least two counts of identity theft.
[ link to this | view in chronology ]
[emphasis added]
But ... but ... but ... convenience!!!!
[ link to this | view in chronology ]
Feeble thesis. %99 percent is coming up with a suspect.
So as usual, you begin with a strawman you wish to demolish, put some irrelevant text through your sausage machine, and smugly write QED.
[ link to this | view in chronology ]
Re: Feeble thesis. %99 percent is coming up with a suspect.
Once again, you start with a premise that never existed, and try to argue against it. Do you enjoy arguing with yourself so much?
[ link to this | view in chronology ]
Re: Re: Feeble thesis. %99 percent is coming up with a suspect.
[ link to this | view in chronology ]
Re: Re: Re: Feeble thesis. %99 percent is coming up with a suspect.
[ link to this | view in chronology ]
Re: Feeble thesis. %99 percent is coming up with a suspect.
[ link to this | view in chronology ]
It is kind of a straw man. Mike should link to or include a quote from an article mentioning these types of crimes being a major concern as he implicitly suggests.
Most of the news about the problems with open-wifi have been concerns over copyright infringement. For example this article about potential banning of open hotspots mentions that as the primary concern.
http://www.zdnet.co.uk/news/networking/2010/02/26/open-wi-fi-outlawed-by-digital-economy-b ill-40057470/
Sending personal information over a network is obviously much easier to trace. A semi-knowledgeable person using it to exchange media files has virtually no chance of getting caught.
[ link to this | view in chronology ]
There is just so much wrong with this single statement, that it is beyond understanding.
Open WiFi is, without a doubt, one of the biggest security holes on the net. Combine it relays, VPN, or other "cloaking" and the end user is all but invisible.
To dismiss it off handed because of a single case (that really has little to do with WiFI beyond "means", as he was tracked down not for technical reasons, but because he was an disgruntled employee stupid enough to make his presence known at the WiFi location) is an incredible reach, a huge logical jump.
It makes you wonder what other amazing logical jumps have been made in the name of getting this to line up with the Techdirt universe.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
No, it is not. Badly written applications are. Remember: Sony was "hacked" because of a simple SQL injection attack, one of the most preventable of attacks.
Talk about logical jumps...
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
In the near future:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
I saw another show where the hacker rented a office space far away (more than 10 block, but still in line of sight) from then open wifi and then constructed an 10 foot antenna and directed right at the open wifi location.
My point is stupid criminals get caught. It is the smart criminal that I worry about...
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]