How Ruling On WiFi Snooping Means Security Researchers May Face Criminal Liability

from the not-a-good-thing dept

We wrote last week about an appeals court's technologically illiterate ruling that WiFi isn't a radio communication, and therefore picking up unencrypted WiFi data, even though it's broadcast for anyone to access, could be a violation of wiretapping laws. This seemed ridiculous for a variety of reasons, including the fact that part of the reasoning is that radio is supposedly mostly "auditory" (even though it's not).

Over at the EFF, Hanni Fakhoury explains how this ruling could be a disaster for security researchers:
If you're a security researcher in the Ninth Circuit (which covers most of the West Coast) who wants to capture unencrypted Wi-Fi packets as part of your research, you better call a lawyer first (and we can help you with that). The Wiretap Act imposes both civil and serious criminal penalties for violations and there is a real risk that researchers who intentionally capture payload data transmitted over unencrypted Wi-Fi—even if they don't read the actual communications —may be found in violation of the law. Given the concerns about over-criminalization and overcharging, prosecutors now have another felony charge in their arsenal.
There's a fairly big risk here that this interpretation of the law is going to create tremendous chilling effects on research.

Of course, there is a flip side. In theory, this might also mean that police can't scoop up WiFi signals either:
On the other hand, the decision also provides a strong argument that the feds and other law enforcement agencies that want to spy on data transmitted over unencrypted Wi-Fi will need to get a wiretap order to do so. We've seen the government use a device called a "moocherhunter" without a search warrant to read Wi-Fi signals to figure out who's connecting to a particular wireless router. This decision suggests that to the extent the government uses a device like this (or even a "stingray" to the extent it can capture Wi-Fi signals) to capture payload data —even if just to determine a person's location—they'll need a wiretap order to do so. That's good news since wiretap orders are harder to get than a search warrant. 
Still we've seen courts give much greater leverage to law enforcement scooping up communications, so this benefit might not actually be real. The risk and the chilling effects to security researchers, however, is very real. Having seen how often security researchers have been threatened and/or arrested for their research, giving law enforcement another bogus thing to use against them is a huge problem.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: encryption, liability, research, security, vulnerabilities, wifi, wifi sniffing


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Gee, 18 Sep 2013 @ 8:37pm

    so does that mean the next time I open my laptop or smartphone to check for any nearby wifi networks to connect to, that Im violating wire tapping laws?

    Because in order to first connect to a network you need to scan it, to find out the ssid, and what encryption you need to use.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 18 Sep 2013 @ 11:24pm

      Re:

      Maybe. The law isn't clear.

      This is why it's a bad law.

      link to this | view in chronology ]

    • icon
      Not an Electronic Rodent (profile), 19 Sep 2013 @ 12:50am

      Re:

      Because in order to first connect to a network you need to scan it, to find out the ssid, and what encryption you need to use.
      It's worse than that. Every time you are in range of a network your wireless receiver is receiving every single packet all the time. It then chooses to discard the stuff based on looking at it to see the network name on each packet.

      So if you carry this ruling to its logical conclusion, you're a felon every time you use WiFi in a built up area.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 19 Sep 2013 @ 4:11am

        Re: Re:

        > It then chooses to discard the stuff based on looking at it to see the network name on each packet.

        Sorry for being pedantic, but most packets do not have the network name. They have up to four six-byte addresses. It chooses to discard the stuff based on the receiver address, and if the receiver address is a group address (broadcast or multicast), based on another address which has the BSSID (which designates a single access point; a network name, called a ESSID, can have more than one access point).

        link to this | view in chronology ]

        • icon
          Not an Electronic Rodent (profile), 19 Sep 2013 @ 6:30am

          Re: Re: Re:

          All true if, as you say, a little pedantic. Doesn't change the fact that all WiFi receivers in range receive all packets though, does it?

          link to this | view in chronology ]

          • icon
            ltlw0lf (profile), 19 Sep 2013 @ 3:24pm

            Re: Re: Re: Re:

            All true if, as you say, a little pedantic. Doesn't change the fact that all WiFi receivers in range receive all packets though, does it?

            Many access points, and most client software, captures data based on this traffic to show you what is in the air around you.

            Many access points label this information as "site survey" so that they can allow the administrator to chose the least populated channel (which of course, very few administrators realize that there are only three channels which do not interfere with each other: 1, 6, 11, and that choosing 2,3,4,5,7,8,9, or 10 makes you a dick,) and thus allow the administrator to chose channel 3 (because nobody else is on it.)

            Most clients will display, as a matter of course, the list of SSIDs they see so that the user can connect to the one they think is theirs. Which is often a lot of fun when you set up an identical SSID as the one they usually use, and then they end up connecting to your access point without authorization! Me loves me some hot "linksys" or "default" SSID action!

            link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    identicon
    out_of_the_blue, 18 Sep 2013 @ 8:38pm

    So, very narrow risk so far only in Mike's FUD...

    "If you're a security researcher in the Ninth Circuit (which covers most of the West Coast) who wants to capture unencrypted Wi-Fi packets" versus fairly obvious benefits of not every yahoo or Google invading through gadgetry that is NOT put up for public use -- gee, I see only benefits.

    Mike Masnick on Techdirt: "its typical approach to these things: take something totally out of context, put some hysterical and inaccurate phrasing around it, dump an attention-grabbing headline on it and send it off to the press."

    link to this | view in chronology ]

    • icon
      James Burkhardt (profile), 18 Sep 2013 @ 9:45pm

      Re: So, very narrow risk so far only in Mike's FUD...

      Point of order: Grammer, sentence structure, and your full chain of logic would be needed if I were to even begin to take that staement seriously. Without forknowlege of how you have previously responded, I wouldn't even be able to guess what you were trying to say.

      Even guessing here I really dont see how commentary on the risk posed to researchers attempting to determine, A) how effective wifi encryption is, or B) how effective a new algorithm is at acquiring wireless signal, or C) any other legitimate, necessary research into security and/or innvoation in the wireless industry has "very little risk" because somehow it brings down google?

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 18 Sep 2013 @ 10:12pm

      Re: So, very narrow risk so far only in Mike's FUD...

      Have a drive-by DMCA!

      link to this | view in chronology ]

    • This comment has been flagged by the community. Click here to show it
      identicon
      out_of_ideas, 18 Sep 2013 @ 11:00pm

      Re: So, very narrow risk so far only in Mike's FUD...

      You are a moron and everyone here hates you. Mental illness is sad...

      link to this | view in chronology ]

      • icon
        art guerrilla (profile), 19 Sep 2013 @ 8:28am

        Re: Re: So, very narrow risk so far only in Mike's FUD...

        *ouch*
        hee hee hee
        ho ho ho
        ha ha ha
        ak ak ak

        link to this | view in chronology ]

    • identicon
      Pragmatic, 19 Sep 2013 @ 3:47am

      Re: So, very narrow risk so far only in Mike's FUD...

      OOTB on Techdirt: "its typical approach to these things: take something totally out of context, put some hysterical and inaccurate phrasing around it, dump an attention-grabbing headline on it and send it off to the press."

      link to this | view in chronology ]

    • icon
      silverscarcat (profile), 19 Sep 2013 @ 5:44am

      Re: So, very narrow risk so far only in Mike's FUD...

      Hope you don't go to Starbucks then.

      You could be charged for a felony for using their wifi.

      link to this | view in chronology ]

    • icon
      JMT (profile), 19 Sep 2013 @ 2:43pm

      Re: So, very narrow risk so far only in Mike's FUD...

      "gee, I see only benefits."

      Of course you do. That you cannot see or understand the benefits of security research only highlights your extraordinary ignorance of the topic.

      link to this | view in chronology ]

  • identicon
    Wolfy, 18 Sep 2013 @ 9:58pm

    Someday soon, I hope, I'm going to wake up, and people in elected/appointed office will be mostly normal again.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Sep 2013 @ 10:08pm

    Sooo yeah.... this sucks...aspiring white or black hats that could help the country progress in the future, would have to be a criminal to learn the tricks of the trade.

    No wonder some of the best come from china and other parts of the world.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Sep 2013 @ 10:33pm

    Mike, a white background makes your website difficult to read (my eyes burn after a while). You should include the option for a dimmer more friendly color. Unfortunately my phone doesn't seem to have such an option.

    link to this | view in chronology ]

  • identicon
    horse with no name, 19 Sep 2013 @ 12:12am

    translation

    To translate the EFF statement:

    Because we think this might actual make some forms of hacking illegal, and because we wish that all wi-fi was free and no net users could ever be held accountable for their action, we therefore bring up this incredible scare story that has little basis in fact.

    Valid security researchers, working on approved target networks or against networks they create for testing would not have an issue.

    People who randomly door knock servers and networks looking for problems would - as they should.

    Thanks to the EFF for this horribly transparent attempt to further their own agendas.

    (and my posts are STILL being held for moderation... don't you get bored of censoring people Mike?)

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 20 Sep 2013 @ 12:30am

      Re: translation

      Wow, you're just a big glutton for punishment aren't you? Right here, we've got another post where you whine "censor censor censor" - and post within minutes of the previous poster.

      Congratulations, fucktard, you earned yourself a DMCA vote, plus the following observation - which I'm going to keep making until you get it through your penis-embedded skull.

      horse with no name just hates it when due process is enforced.

      link to this | view in chronology ]

    • icon
      Sheogorath (profile), 23 Sep 2013 @ 3:34am

      Re: translation

      And my posts are STILL being held for moderation... don't you get bored of censoring people Mike?
      Actually, censorship would be if your posts were deleted altogether, not simply held to check they're not anything like the following: Cheap kobe Shoes I looked at the size and realized it was not going t
      New Football Boots Their alertness, agility, and strength make them formidable guard dogs and used as service dogs, guide dogs for the blind, therapy dogs, police dogs in K9 units, and occasionally herding cattle or sheep.
      After all, censorship is suppression of speech, not waste disposal.

      link to this | view in chronology ]

  • icon
    Anon E. Mous (profile), 19 Sep 2013 @ 12:26am

    Another interpretation that would make it difficult for the people who actually do good works with Wi-Fi.

    So are they telling us that all the miscreants who war drive and invade Wi-Fi will stop dead in their tracks because of this ruling? I doubt that.

    The government can't even seem to follow it's own law and those who are there to enforce them and seem to have a broad interpretation of how the law applies to them.

    Well this will certainly clear that up.

    link to this | view in chronology ]

    • icon
      Not an Electronic Rodent (profile), 19 Sep 2013 @ 1:02am

      Re:

      So are they telling us that all the miscreants who war drive and invade Wi-Fi will stop dead in their tracks because of this ruling? I doubt that.
      No, but arguably you could be arrested for detecting them since you will be "wire tapping" their WiFi signal to do it.

      link to this | view in chronology ]

  • icon
    Not an Electronic Rodent (profile), 19 Sep 2013 @ 12:52am

    Great theory...

    In theory, this might also mean that police can't scoop up WiFi signals either
    That's sarcasm... right?

    link to this | view in chronology ]

  • icon
    Not an Electronic Rodent (profile), 19 Sep 2013 @ 1:00am

    Another useful feature shot down in flames

    Just thought of another effect of this ruling even assuming you aren't a criminal now just for using WiFi in the first place...

    Most enterprise level WiFi controllers allow the detection and quashing of "rogue" WiFi signals in range, including detecting APs impersonating your own network. This often includes the ability to impersonate the rogue AP to "steal back" any clients that have attached to it. To do that of course, it has to "wire tap" the rogue.

    Looks like that feature will have to be disabled, huh? Way to make corporate networks less secure.

    link to this | view in chronology ]

  • icon
    Richard (profile), 19 Sep 2013 @ 3:55am

    Torn Sympathies

    So hard to know for which to root, Amish judge's opinion or reality. On the AJ tip, we're all at risk for running wireless networks at all, since our machines listen to everything, but, hypothetically, we now have a defense against cops who snoop sans wiretapping orders. Got 'o hope EFF, ACLU, et al. are standing in the wings, waiting to jump on the first case brought by ANY cop organization, operating in the 9th circuit's demesne, that is based on one of these newly illegal wiretaps.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Sep 2013 @ 4:04am

    Not just security researchers

    I have personally used Wireshark (a common and powerful sniffer) to capture all the wifi traffic in the area, to help me choose the best wifi channel for the access point I was configuring. This is a good idea since there is some traffic you will not see just by looking at the list of nearby networks like most people do.

    Every wifi network in the area was encrypted, so I did not capture any plaintext payload, and I discarded the capture when closing Wireshark. But I could not know that every wifi network in the area was encrypted until after I did the capture. Not only are there kinds of wifi networks which do not beacon normally (like some kinds of mesh network), but also if I am close to the client but far enough from the access point, the network could be invisible to me but I could see the client (the hidden node problem, with the access point being the hidden node).

    That ruling is pathetic anyway. "Sophisticated hardware"? Really? Every single wireless network card I have seen on common laptops can capture wireless packets. If every average laptop user has it, calling it "sophisticated hardware" as if it was something special you had to buy is a stretch. "Fail to travel far beyond the walls of the home or office where the access point is located"? Have they ever heard of high-gain antennas? I have heard of people being able to connect to unmodified access points kilometers away by simply using a high-gain antenna on a laptop. And not all high-gain antennas are "sophisticated hardware" too; have they ever heard of the cantenna and of the wok-fi?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Sep 2013 @ 5:04am

    Keep your security out of our criminal's way. Understood?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Sep 2013 @ 5:55am

    but i'll bet you anything you like that any company collecting data on behalf of the entertainment industries will be given a carte blanche to do what they like, where they like, how they like!!

    link to this | view in chronology ]

  • identicon
    Mike, 19 Sep 2013 @ 6:20am

    Government

    In what world does anyone believe the government won't completely disregard any laws they put into place and sniff the data anyways?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Sep 2013 @ 6:23am

    "an appeals court's technologically illiterate ruling that WiFi isn't a radio communication, and therefore picking up unencrypted WiFi data, even though it's broadcast for anyone to access, could be a violation of wiretapping laws"

    Unless you are exempt from the law, which apparently allows you to do what ever you want. No holds barred. Two sets of rules.

    "All animals are equal, but some animals are more equal than others"

    link to this | view in chronology ]

  • icon
    TheLastCzarnian (profile), 19 Sep 2013 @ 7:03am

    Police wardriving

    So, the police who were wardriving for unsecured wifi and warning owners are now at risk for wiretapping charges, right?

    link to this | view in chronology ]

  • icon
    Zack (profile), 19 Sep 2013 @ 8:02am


    The Wiretap Act imposes both civil and serious criminal penalties for violations and there is a real risk that researchers who intentionally capture payload data transmitted over unencrypted Wi-Fi—even if they don't read the actual communications —may be found in violation of the law.


    So let me get this straight. If the NSA collects communications but doesn't read them, they haven't actually collected anything. But if you're a researcher, then it's a felony?

    link to this | view in chronology ]

  • identicon
    dd, 19 Sep 2013 @ 9:51am

    Judges are imbeciles

    Somehow our political process has appointed judges with the IQ of a nat.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 20 Sep 2013 @ 7:36pm

    NSA can spy on every internet user but internet users cannot snoop on (public) WiFi?

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.