Unless my dictionary is defective, that's not true. My dictionary includes "deprive another of property" as part of the definition.

Legally no. It is trespassing only after you tell the person to leave, if they stay. Same applies to stores and other pseudo-public locations. The legal presumption is that you have to make a reasonable effort to let people know you don't want them there.

There has to be a presumption of responsibility somewhere. No technical knowledge is required, just the ability and willingness to read the easy directions. If you're unwilling to do that, well, then too bad. We expect people to know that they need to put gas in a car, and press the brake to stop, and other things which they have to go learn. This is no different. Also we have to define "taken advantage of." In this case, there is no evidence that any damage was caused in any way, so where's the loss to the person who didn't secure his network? How was he taken advantage of?

I have a lot of sympathy with these points. Personally I blame the lousy documentation and stupid web browser management interfaces for a lot of the lack of security in the access points. It's why I think quite highly of Apple's configuration tools for the Airport family, because they provide graded levels of the tools for different user skill levels.

heluani, I think at least the regulation they try to apply in the case at hand requires intent, so you're off the hook.

However, this example illustrates the complexity of the problem with at least three parties involved:

The owner of the AP, who might argue he bought an appliance and expected it to work securely straight out of the box.

The manufacturer who'd tend to retort that his customer is responsible for sensible administration of the documented features.

And finally the one who runs with more or less intent into an open network and uses it in all kinds of interesting ways and as heluani showed, sometimes even without being aware of it.

I don't think there are easy answers. What I see here looks a lot more like a field the general public does not yet have sufficient understanding about.

Everybody is pretty much able to define a half-way decent security policy for his own home. That may range from no-doors-locked in small rural communities to sophisticated access-controls planned by professional security firms depending on the risk assessment.
Yet we see a guy people trust with the lives of their cats and dogs not taking appropriate steps to enforce his no-passers-by-on-my-WLAN-policy. At this level of academic education, plain stupidity is not the most probable explanation.

The use of computers comes with lots of risks, many of which are not well understood, some hyped and exaggerated by the media, others ignored by all but security experts. The awareness that you need to address those risks, either by reading up and acting accordingly or by getting help from trustworthy experts -like you would to have a stronger front-door installed- is yet to come.
The perception that "having it just work" leads many owners of Windows botnet drones to the (wrong) conclusion that as long as their box doesn't crash or hog bandwidth like crazy, they're fine.

This is no excuse at all for makers of bug-riddled operating systems or access-point-designers failing to inform about the security features in order to reduce tech-support costs.

But in the end of the day and while we wait for that to improve, only an educated user will be able to reduce computer-related risks to a level he is willing to live with.

As Rod Serling might say, "submitted for your approval..."

http://news.com.com/Hacker+U.S.+defe...l?tag=nefd.top

Interesting. From the article it sounds to me like he should submit a consulting bill for his security testing services.

There's quite an interesting interview of that bloke in the Guardian

http://www.guardian.co.uk/weekend/st...523143,00.html

Here are the actual charges with the IPs of the compromised machines:

http://cryptome.org/ips-bared.htm

To keep it slightly on topic:
It would probably be rightly so considered evil if you drove by an open WLAN of someone you dislike, hammer the IPs in the document quoted above, then hide and wait for the MiB to come and kick his door ;) .

Really? This just sounds odd to me. With this logic to me it seems that I can go anywhere that does not have an express sign there telling me what I can and can not do and treat it as my own, whether it be a store, a person's yard, or a beach. So, if I like to smoke my cigarettes and just toss the butts on the grass I can, because that is what I would do at my place if the people didn't have a sign up telling me to use the butt can.

While the law might say that the person has to set up the rules, wouldn't common courtesy dictate that it's best to ask the "owner" what a guest can do? I highly doubt the person setting up the lawn chair on someone else's lawn would be so kind as to not come out with a shotgun to someone on their own lawn, or more to the point of the article I doubt the person who is sitting in his SUV has decided to allow others to use his home wireless network.

There certainly does need to be some responsibility. Technical knowledge is not the issue, neither is the choice to read the directions or not. Advertisments (by the companies) sell a user the world and don't tell them what is needed to be safe. As long as things are sold as simple when they are not there is going to be problems.

Finally, there are only a handful of those who take who are also willing to give back, as in share. Many who take aren't so keen on sharing though, so to me that is when it is wrong, most of the time not in a legal sense, but in a be nice to others way.

That's a good suggestion and one that I've seen implemented in airports (e.g., Airport - Free) and highway rest stops (WiFi - free).

Alternatively, the default name for routers could have "private" or something like that in the name and could ship with password protection with the password noted in the manual. That would go a long ways to solving a lot of problems; anyone wanting to change that config could dig a little more into the manual to see how to set it up.

-----

Agreeing with Craig and others on the difficulty of configuring a router; to this day, only IE works with one of my old routers, and who would think to try anything beyond their default browser? Some kind of admin utiltiy like Airport Administrator would be great! Getting it to work with the wide range of routers out there would be a challenge, however.

In that case, everyone - or at least those looking to cause trouble - would know how to log into an 'unconfigured' router. That's why I believe it will be necessary to limit access out of the box to those on a hardwired network. The buyer is then forced to configure the router if wireless access is desired. A web standards based interface would be best. I hate having to use IE to access my Linksys. ;)

Well, not if they have different passwords. That would be the ideal.

I like your suggestion as well, cwtnospam

A felony is way to harsh of a charge I feel. Even if they want to go to lengths to protect WiFi, a felony is an absurd charge. I can understand how breaking an entering into a network is similar to breaking into a house. But this is hardly malicious hacking we are talking about. it's parking on residential street to check mapquest on an someones open wifi. This "crime" is in the same catagory as murder!? Stealing something out of a store is only a misdomeaner, and in this case NO one was even harmed.

I am speaking more general, than this case. In this particular case it seems the person clearly knew he was stealing wifi and I understand him being charged, but a felony is much to high a price to pay for sucha minor crime.

Looking it up on Dictionary.com I see "a criminal taking of the property or services of another without consent". If theft is something that is only concerned with tangible things, tell me why it's illegal to hook into a cable box to get free cable.

Maybe theft isn't the perfect term for this. But we're down to quibbling over definitions of crimes -- an exercise I find to be completely pointless. Trespassing is maybe more appropriate, but only slightly. The exact word for the act of using someone's wireless network without consent is something I'm not worried about. I think I've made it pretty clear that I find the act to be wrong. I do agree with Twelve Motion, though -- felony is not appropriate here.

I would like to see routers shipped with the wireless network settings off. When the user turns on the wireless capability, they'd have to choose their own network name -- no more defaults of "linksys". This would, I think, drastically reduce the accidental connections to an open network which was never intended to be open.

You must have missed our threads where we discussed ethical issues pertaining to intellectual property, which would be included in the definition you gave (which is a good one, imo). So "tangible" has to include such realms as ideas, software, and even wi-fi signals, if it can be demonstrated that they rightfully "belong" to someone.

Getting lost in a residential area, and opening up your laptop to check mapquest using a random houses wireless is felony. Thats pretty absurd.

A person should be responsible for all of his own stuff. If there is a 20$ bill laying on the sidewalk, or a parking lot and someone picks it up thats hardly stealing I think most people would agree. If anything it's the fault of the person who dropped the 20$, he should be more careful and take better care of his belongings. Consider this being poorly protected and looked after wireless internet being "dropped" on the side walk or parking lot. If the WiFi is being broadcast over public property, and you are using it from that public property, I say it's public property, just like loose change on the ground. If don't want your stuff getting stolen, keep it out of the street. if you don't know how to keep it out of the street, then i highly doubt any amount of people using it will every bother you. If it does start to visible slow down a person connection he will initiate the next logical step and calle support. They will tell the person to lock it down and walk them through it. No law needs to be made for this.

You know what would be kind of cool. Anyone who has an open wireless at thier home, is allowed to use open wireless at other peoples homes. So if you are cought doing this sort of thing, the police would check to make sure you are doing it on you home router also. If you are, you are free to continue. Kind of like, giving a public service in order to use a public service. I haven't really thought the logistics of this out, but it seems pretty interesting.

http://www.freenetworks.org/

is one initiative among many to promote this idea.


And just for the record:
In the now-closed thread on copyright Phil mentioned

http://forums.macosxhints.com/showthread.php?t=37178

quite some participants would not agree that you own copyright the same way you own your accesspoint.

There is a very interesting lawsuit going on to challenge some alledgedly unconstituitonal changes to the US copyright-law:

http://cyberlaw.stanford.edu/about/c...ashcroft.shtml

Brewster Kahle, the guy behind http://archive.org tries to preserve orphaned works, something greatly hindered by the way copyright has recently evolved.

How do you get from being able to go onto private property to "treat it as my own?" You don't see the stretch there?

Do you really think you could be arrested for trespassing if you cut across a neighbor's yard? No, if it's an open yard. There are dozens of legal precedents saying that trespass doesn't apply to open land with no indication that you may not enter.

I'm sorry. I seem to have misunderstood what you said. After re-reading it I see it like the casino rule where they can at anytime call you a trespasser and kick you out or have you arrested.

That said, I do see many with the "treat it as their own" attitude and this to me is what makes things like this tough. Should they be legal issues. I really don't think so.

But - there are some good examples here of reasons here where I wouldn't be mad if someone used my wifi. Actually my neighbors and I share. When they are on the front stoop smoking they use my wifi, when I am on the fire escape in the back of the building I use theirs.

Let's take the lost and needing mapquest example. Now let's say that I found my directions but I figure that since I went through the effort to grab the laptop out of my imaginary back seat and I'm already lost and late so I might as well check my email when I am done getting the directions. Oh look - someone sent me that funny iFlea commercial. I should check that out. So I download it and watch it. Oh, might as well check the scores as well. It's not taking up a lot of the wifi resources to do this and the owner probably doesn't even notice me there - but it's at the point I decide that I will use someone else's something as my own that I really think I crossed the line.

To me, it's a lot more about respect then it is about the law.

I agree. My computer illiterate sister pays for a RoadRunner supplied/installed/configured wireless router. When first installed, I dropped in to check it out since I had offered to install a wireless router for her (to prevent the monthly rental fee).

The wireless access point was wide open to all takers! I told her that she was at risk of taking the legal heat for someone who might use her connection to do bad/illegal things and I advised her to call RR and complain until they reconfigured the router. I doubt that she called them and, since she doesn't generally listen to big brother's advice, I'll allow her to learn the hard way.

I'm somewhat surprised that RR would leave a router open like this.

-- Rob

The problem with asking manufacturers and providers to provide security is that it will cost a lot of money in support time. If someone can connect, they won't call. If they can't, they will. If they get hacked, too bad, the TOS says that's your problem.

The first company to start shipping routers with the wireless not ready to use will need a huge tech support budget. So why do it?

I like the idea (mentioned above) of an admin utility that you'd have to install and configure to enable the router. This wouldn't need to be complicated -- maybe just a few check boxes, with the instructions right along side. That shouldn't be so hard to do and might even help to save tech support a whole lot of time. Chances are that people who DO want to go beyond the default setup will need some kind of help, so a utility app would cut down on that kind of support time.