Laptop user arrested for WiFi use
 

From The Times in London:

http://technology.timesonline.co.uk/...cle2310670.ece

The array of opinions in reader's comments was interesting reading.

It amuses me that these countries waste numerous amounts of money on little things like this.

yeh... perhaps the Police should use their time on more serious crimes.... like all the stabbing and gun crime going on in London at the mo..

I dunno, I think that if they can be caught (and it's not a complete pain), then they should do it. It is stealing after all, and no one likes having their bandwidth eaten up by someone else, right?

All the same, why people don't just lock their signals is beyond me...I have my router configured to only accept the Mac Addresses I put in it. Works like a charm...

If it was unsecure then it shouldn't be a crime. If the offender had hacked into a secure WIFI network then it should be a crime. Its the owner of the account that put it out there. This is like a bar/nightclub/pub with peanuts - if they're on the counter then people can take them for free, if they're behind the counter people have to buy them (or steal them).

I remember hearing a similar case that happened here in the US.

I agree with this post all the way.

I somewhat agree, I lock my network with WPA, but...

There's still plenty of room for it to be a crime. If you leave your MacBook Pro in your car, and you don't lock the car, and someone steals your MacBook Pro, is the thief Not Guilty because you made two mistakes?

If you leave your credit card behind on the store counter, and the guy behind you uses it, is that guy Not Guilty?

I have a full on thread about "technology police" on this forum, here:

http://forums.macosxhints.com/showthread.php?t=76878

I find it interesting where the future lies in these types of crimes. On one hand some things should not be considered a crime and in the other hand someone will have to at sometime lay the smack down on some of these people out there.

It is a complete gray area I think as far as most countries laws go because digital intrusion is such a new thing. I mean if you open up your wifi with no security and I just use it to browse the web, am I liable for your mis-configuring of the wifi network?

That's ridiculous. The peanuts on the counter are meant to be free, someones personal internet is not. Saying someone can use an unlocked router is more like saying, "if the front door is unlocked I can steal your computer." And, for the record, taking advantage of someone "just because they made it easy" is not the greatest of moral arguments.

My old neighbor had a WiFi access point that was called "You're Welcome" and it was wide open with no security.

LOL. Well, seems like that would be about the same as having a "help yourself" sign above your open unlocked door. I think permission was implied, right? :).

This really is an interesting subject and I have sympathy with many of the arguments from all sides. I guess that means that I don't really know where I stand on it.

The UK, for instance, is so backward in terms of WiFi access, that I used to have to go wardriving when I visited there. Bought myself a wee handheld net scanner and away I went. The place I stay at has WiFi now, so no further need. I once bought access to an access point and it wouldn't let me login - emails to the admin went unanswered. So what is a visitor to do?

I was in Singapore in May and read that the government there has a stated aim for the island to be completely covered in free Wifi within two years. Given their track record of achievements, I believe they will do just that. That then gives real clarity to the issue. If there is total free coverage and you are caught blagging someone else's net, then it becomes a fair cop.

To paraphrase Monty Python: "You're ****ing nicked, me old beauty!"
:)

Like I said before, why waste our resources on these people? I'd rather our jails be filled with people who could do some serious bodily harm to another, rather than some guy who was using a laptop to connect to a friggin' wireless network.

While not conceding that WiFi stealing is legal, I do agree with Anti. Given the choice between jailing a person who jacked a WiFi signal and a killer, I think I'd rather jail the killer.

But the crucial point of data we are all missing is just how hard, and how much it would cost, to actually capture someone perpetrating the crime. Maybe this is one of those laws that they don't actively enforce, but if someone reports their neighbor (i.e., has the evidence in hand already), then you press charges?

I like what they are doing in Singapore, as mentioned by Gavin. I think that will be the way most cities are come 10 years, and I can't wait. The town I live in recently subsidized a fiber optics network, so we all get fiber for $40 a month, not bad really. Step in the right direction, that's for sure. I just can't wait till it's free...

The thing is that the increased productivity that comes from being "always on" is considerable - why are Blackberries so popular, for instance? Not having open, state-funded free access is so short-sighted. This is a classically Singaporean thing to do. Far sighted.

Singers is not a cheap place to live and/or do business but the quality of the infrastructure and independent legal system there makes the place an irrisistable destination, In a part of the world where these two concepts are still somewhat nascent.

And that's why they leave their neighbours in the dust. Good for them.

G.

That seems to be the way that the whole police force (in the UK anyway) runs, jailing/fining people for near-to-nothing. And if they do jail the killers, they just jail them for a while, then relese them back into the country to kill some more people. I think that at the very minimum they should be jailed then exported, and permenantly banned from the country. And a really big fine(several £thousand) might help put people off killing others.

Ah, if only there were a large expanse of land on the other side of the world we could send them to..... ;-)

Costas

Well you could export them to any country, then they'll play hot-potato until the criminal lands in a country that lets them stay there (like the UK) or until the criminal meets up with another criminal friend, have a argument over who's banned from the most countries, get violent, and kill each other.

Or you could just send them to the moon! (that would be what the fine would be paying for;))

I was, tongue in cheek, referring to England in the late 18th and early 19th century exporting it's "criminals" to Australia. Can you imagine an English judge sentences a pick-pocket to transportation to Bondi Beach. "You shall go surfing for the term of your natural life".

Costas

Does that mean that the people of the moon would create a culture that is a mixture of all of Englands other former prison colonies?

(US-centric interpretation follows.)

He could not connect without permission from the server. If permission was granted (without "hacking") to connect to the wireless network, it wasn't stealing. Period.

If I leave my door unlocked, it's not illegal for someone to take it upon themselves to come into my apartment. They can even sit down on my couch and watch my television (assuming I owned one), and all I can do is tell them to leave. There is no crime unless they refuse to leave. It is my responsibility to secure my apartment. If it's not secured, there is no breaking and entering, even if I left the door unlocked only by accident.

Like my drill sergeants used to tell us when something came up missing from an unsecured locker:

"Private, if you didn't secure it, it wasn't stolen; you gave it away."

I'm not familiar with the UK's justice system, but in the US, this charge would be so easy to defend against that I wouldn't even bother paying an attorney.

The officer in this case should be relieved of his position for showing a complete lack of judgement and intelligence, and wasting valuable taxpayer resources.

Yes, it's a crime, because they knowingly took something that didn't belong to them that could not be reasonable considered to be something someone had already lost. Now, change the scenario to something more comparable: You leave the radio on in your car, and someone comes along and starts to listen, without touching your car, changing stations or adjusting the volume. Is the listener guilty of theft simply because they are listening to music from a radio that doesn't belong to them? What did they steal?

Or, even more similar, let's say you have a CD changer hooked up to your car via an FM modulator. If someone else starts listening to your CD (that's already playing) by tuning their own radio to the channel transmitted by your CD changer, have they committed a crime? Don't those radio waves belong to you?

They cannot use your credit card without misrepresenting their identity with the intent of committing fraud. They would not be guilty of stealing your credit card. You left it for them. They would be guilty of fraud or closely related crime.

Yes, it is very important to choose appropriate analogies. The car radio analogy is somewhat simliar, but by nature not close enough as an infinite number of receivers can play back the signal with no degradation for any individual user. With an access point, the bandwidth is essentially free...unless you need it.

If someone is using your unsecured connection and there is excess capacity, you are not hurt in the least. However, if you rely on your broadband service level for your job and you need all available bandwidth to upload or download some large files to meet a deadline, and some freeloader is running torrents on your access point, then you are being materially deprived of a finite resource you paid for.

That's separate from the question of whether you are morally obligated to secure it. For example, if you own 10 acres of land that borders a road, and you discover that someone has been selling vegetables every day from a stand along the road that happens to be a small area of your property that you almost never set foot on, who has the greater responsibility to act first: Should the squatter leave first, or should you build a fence first? Most people would say that legally speaking, the squatter needs to leave first.

Legally speaking, if the land is not posted (visible No Trespassing signs) or fenced, and the squatter has not otherwise been informed that his presence is not welcome, then he cannot be convicted of criminal trespassing, at least in most US jurisdictions. So, yes, it is the landowner's legal responsibility to act first by ensuring the squatter is aware that his presence is not welcome by communicating that explicitly or implicitly. Only after such communication has been occurred does the squatter have a legal obligation to leave the property.

Still, in the case of the person arrested for using an open Wi-Fi network, his computer was explicitly given permission to join the network. It is the network owner/administrator's responsibility to deny permission for access if they do not want the network accessible by unauthorized persons.

Fair call. However there's a lot of free WIFI hotspots these days and how is a member of the general public supposed to differentiate between a free -sanctioned- hotspot, and one that is a product of human error? It's not always obvious.

Back to my analogy, I've often taken peanuts from a bar and in some places the bar staff tell me I need to pay for them. There's a safety net there: someone to tell me whether to pay or not. There's no safety net with WIFI, and therefore anyone caught using someone else's WIFI should be let free unless you can prove there was malicious intent.

If you read the article from the OP, the guy was sitting outside of a house. If it was a coffee shop, you could make the claim that he didn't know, but not a house!

Would you find it fair if the bar staff told you the peanuts were free, then had you arrested for theft after you didn't pay?

The guy in London obtained permission, by way of protocol, from the network, to join the network. Despite having permission to use the network, he was arrested.

If you found an open connection would there be a way to contact the owner of a connection to officially ask for permission? If I'd found one the other day when I was trying to upload a 50MB file on dial up I admit I would have been tempted. I can see it's dodgy though, especially if the owner of the connection pays for excess usage.

I think the Bar analogy isn't accurate. Using wifi is more like using some one else's external water spigot or electrical outlet. You see it's there, and you know it isn't yours. There is no sign saying it's free to use, so you should assume it isn't. This is especially true since it's so easy to name a free wifi access point something like FREE or OPEN TO PUBLIC!

The analogy that springs to mind for me is an old one:

Many years ago, when affordable FAX machines were just appearing in offices, you'd come in in the morning to find a mile of paper on the floor; all of it advertising, i.e. SPAM, though that term wasn't in use. Eventually, spamming a FAX was made illegal in the US because it consumed the owner's resources (the then expensive paper) without the owner's permission.

If ISPs in GB charge for bytes beyond a set limit, then piggybacking on someone's account might cost them money, but certainly uses up a resource they have to pay for by moving them toward their limit. Roughly the same in my book as sending unwanted FAXes.

But it is just as trivial to not grant permission to external computers requesting permission to join the network by securing it. It is the responsibility of the network's owner to keep (non-hacking) people out.

Bypassing even minimal security measures may in fact be illegal, but in lieu of even minimal security measures, the network was effectively a public network. Potential users have a reasonable expectation to be made aware that their presence is unwelcome.

If I am walking somewhere, I do not have to ask permission from the owner to cut across unfenced, non-posted private property, provided I've not otherwise been notified to not trespass. Lacking a fence and No Trespassing signs is implied permission. I can even stop and lawfully have a picnic on that property if I so desire. My legal obligation is only to leave when asked/told to do so.

At the end of the day, the only thing that happened was that a guy accessed an open network from a public location using proper protocol, without resorting to any sort of "hacking." Charging him for a crime was absolutely absurd (again, by the standards of US law).

(In fact, in the US, having unfettered access to a location is oftentimes all that is required to authorize the police to search that location. If my landlord unlocks my apartment and authorizes the police to perform a search without a warrant, it is very highly probable that the results of such a search would be admissible in court, because the landlord had access, and thus the authority to authorize the search. If I had a locked safe or lock box in my apartment, to which the landlord had no key, he would be unable to authorize the search of said safe/lockbox. Such a search would require either my permission or a search warrant.)

One might argue that what the guy did was unethical, but that is far different than being illegal.

It's trivial for you and me, but to most home users it's like magic that it works at all. Obviously, sitting outside their house to get connected demonstrates knowledge of what you're doing, just as the act of plugging into another person's outlet or water spigot isn't accidental.

@ J Christopher: But as I said in post #31, you are using his resource, a resource he has to pay for. Walking across a lawn does not consume anything. This is more like going to your neighbor's house and hooking up a hose to fill your swimming pool. There is no prohibition on the faucet, it's outside the neighbor's house, it's not locked, you didn't legally trespass to get to it because there was no sign or fence, but you stole his water, and he'll have to pay the water bill.

I'm with NovaScotian, that's a good analogy.

So far this debate has been rather interesting. In reading this posts it has occurred to me that this debate is really about whether or not your are actually harming someone else if you jack their signal. Thus if you are, in any way, degrading their quality of internet usage or causing them to have to pay more money, then the answer to this debate is obvious.

So let me ask this question. Will using a neighbors internet connection significantly degrade the quality of their experience and can it, under certain circumstances, cause them to have to pay more money? Because in either of those situations I think it would definitely be illegal and immoral.

And, to throw one more thought out: Even if it's not stealing from the person with the open WAP, what about their ISP? I mean, if you can get it for free then why would you pay for it, right? Is the ISP losing a potential customer? Are they seeing a loss for this? Just a thought...

Most of the time it's a violation of the terms of service agreement to share your internet connection with anyone outside your family. With that in mind, connecting (even with permission, but that's another issue!) puts the owner of the network at financial risk.

Electricity is similar. My neighbor has several outdoor outlets that he uses for yard lights. One of them is two feet from our property line under a weeping crab apple tree. I can reach it without leaving my property or being seen from his home (as it happens they're away at their summer cottage for the month of August so I wouldn't even have to be stealthy).

If I use his outlet to run my hedge clipper is that OK or not? Does it depend on the size of the load I impose; is it worse if I run a line into my house to power my refrigerator?

I think not; I'm just stealing power from him whether the draw is 1 amp or 15. How is his internet connection different from his water or power utilities? Is it just because I don't have to make a physical connection or enter his property that it's ok to piggyback on his router from the street? Is the distinction where you are?

On the other side of me, my neighbor reseeded part of his lawn immediately around his hose connection. He came over and asked if he could water it from mine using my hose so he wouldn't have to walk on it. Why did he ask?

I think the above statement is the crux of this argument, and why the situation differs from the analogy of the neighbour's electricity or water, or the truly passive ones of the radio signals.

Would anyone that understands these things care to describe the details of the negotiation that goes on between a laptop and a router to establish a connection? From the router advertising its presence, running a DHCP server, handing out an IP address, etc., etc.

Perhaps the arresting officer and the owner of the router didn't understand the technology, but it seems to me that permission was in fact granted by the router, which of course is only doing what it was told to do by the human that configured it.

So you're implying that I couldn't complain if my neighbor filled his hot tub from my hose connection because I should have turned it off at the winter cock inside the house if I didn't want him to or that my neighbor should pop off the breaker on his yard outlets when he isn't using them himself? That the issue is whether you are actively preventing such use?

This is a valid argument if and only if the resource is limited such that by joining the network, the "leecher" was using non-surplus bandwidth. This might be because the service is payed for on a per byte basis, the service has a maximum amount of data that can be downloaded in a particular billing cycle and the leecher's use of the bandwidth contributed to overage, or the owner was currently utilizing bandwidth at a rate such that the leecher's connection slowed down the internet connection.

If the leecher was utilizing surplus bandwidth, then from a practical perspective, the bandwidth can be treated as a non-limited resource, very different from water or electricity, which are typically purchased by the unit.

Either way, it is still an argument about ethics, and not legality, unless the UK (or London) has a law prohibiting people from joining open networks without explicit permission from the network's owner or administrator.

That also supports my assertion that it is the network's owner who is legally responsible to secure the network.

In my apartment complex (I live there; I don't own it!) we have internet service included with rent. Every bedroom has an ethernet connection. If we are found by our service provider to have made available an open wireless access point, we lose our internet service. The responsibility for making sure only authorized persons utilize the access point lies solely with the person whose ethernet access point is being utilized for the wireless (sub-)network. We are not held responsible for anyone hacking into the wireless network.

Try doing a speed test with only one computer on your internet connection, then do it again with two computers simultaneously. I think you'll find that the speed won't be as high the second time around.
That's true as far as the ISP is concerned, but not the wifi owner. The ISP goes after the wifi owner who in turn goes after then interloper.

I don't want to say that the wifi owner shouldn't take action to protect themselves. They should, but the fact that they haven't done so does not give permission to abuse their naivety.

I think cwtnospam got it in one simple phrase -- "... the fact that they haven't done so does not give permission to abuse their naivety." My view exactly.

Those examples imply that it would be ok to do something just because you can, and weren't explicitly told you can't. I don't agree with that at all.

However, with the wifi, the laptop is asking permission to connect, and the router is granting it. In the absence of any hacking, permission to connect is explicitly being granted by the router (all this I am assuming because I don't really understand wireless networking).

The router, behaving according to how it was configured, is playing an active role in not just allowing, but establishing the connection, maintaining it, and serving as a go between for the laptop and whatever server it wants to connect to. Computer hardware "talks" to each other, but a dumb electrical socket or water faucet can't grant permission, so unless you had a sign saying "Permission is granted to anyone who wants to take water" hanging from the tap, I would say it is off limits - it would not be necessary to have a sign saying "don't take my water".

I agree. But if the network owner wasn't accessing the internet at the time, then it is very possible there were no quantitative damages.

I'm not saying the leecher acted ethically. I'm saying that it does not appear that the leecher acted illegally. I believe there is a big difference between the two.

There often is, but it isn't legal to trespass, even if there is no sign. Signs only make it harder to say you didn't know. No one is going to be arrested, let alone convicted of trespassing for knocking on some one's door, but cross the lawn to plug your extension cord or hose in, and that can certainly be added to the charges.

I think the law varies enough that where you're from it may not be that he acted illegally, but in many places, and most importantly, where he was caught, he was acting illegally. Just as it is in the wifi owner's best interest to know how to secure their network, it's a good idea to know the law before logging into an unsecured hotspot.

Parking in a handicap spot does no one any harm most of the time because others are often unoccupied. If, by chance, having lived in a cave, you didn't know what the white wheelchair/stick figure on a blue field meant, you'd still get a ticket. Ignorance of the law is no defense.

Actually it is legal, at least every place in the US I have lived. Trespassing is not a crime. Criminal trespassing is a crime. For it to be criminal trespassing, the trespasser MUST be aware, via signs, fences, verbal or written warnings, that his presence is not welcome.

Are you sure? I'm not familiar with the laws that apply in London, but I've not seen anyone point out the exact law that was broken (Did I just miss it?). It could be there was a law violated. Or it could be that this is an example of overzealous policing that made the news specifically because he was arrested without having actually broken any laws.

Ignorance is no defense, but handicapped spaces are clearly labeled as such, both pictorially and in clearly worded signs. If they are not properly labeled, the tickets are (ideally) not issued, or are easily beaten by pointing out the fact. Due process still exists from time to time.

Related anecdotal support:
Source

Have you lived in Michigan?

Nope. I've never lived in Michigan. It gets too damn cold in Michigan for my tastes! :D

Your quote, "Some local ordinances do not require any prior notice at all," has been taken out of context. That's a little disingenuous, don't you think? You neglected to add the preceding passage. To be honest, I expected better from you, sir. Allow me to clarify. I'll even leave your quote in for clarity.

Quoting your source (emphasis mine):
So while in a few cases there may be no prior notice necessary, it is clear those jurisdictions are the exceptions, and not the rule. I'm pretty sure I have stated as such already, in previous posts.

This works until you realize that electronic devices are not allowed to make legally binding decisions. If the owner intended to make it so the router was going to allow you access then you are fine, if not, well, you're on shaky ground if this thread is any evidence.

The bottom line is that you can't say "well the router was okay with it" and pretend like it's a legal defense. That doesn't stand up to moral or legal reasoning.

The real question here is whether or not someone's naivety should be factored in when considering the legality or morality of a decision. If someone doesn't know any better and you take advantage of them, is that right? I tend to think it isn't, and I've noticed two other posts that agree with me.

J. Christopher-- You seem to be pretty good at research, can you tell us if the FCC has anything to say about taking someone elses signals. They are in control of all signals in the air (in America anyway)...

I think J Christopher's point about trespass is well taken in most places. Hunters in Nova Scotia can hunt in any woods that are not posted against it. You cannot own a natural body of water in Nova Scotia and you cannot prevent fishermen or wardens from crossing your fields to get to lakes and streams provided they do no damage.

Folks routinely enter your property to knock at your front door. My postman has been cutting across my lawn for years, but I don't want to piss him off and I know he has standing orders to take the shortest path between front doors.

Cell phone jammers are illegal here in Canada (and I suspect, in the US too) because you are not permitted to trespass on the public airwaves except for the purpose for which they are licensed. They're available in Japan (and I'd dearly love to have one for use in restaurants, and for when the idiot in front of me sits idling at the now green light while fiddling with their phone). But that's another story, perhaps another thread. :)

But then we aren't really talking about trespass here, are we? We're talking about using someone else's resource without their permission even if we do no "harm".

Well, I figured that since you took me out of context...:D
What I had said was that if you "cross the lawn to plug your extension cord or hose in, and that can certainly be added to the charges." Basically, you've done harm, and you can be charged with trespassing even if there was no sign. The amount of harm isn't important either, so the whole argument about whether or not the wifi owner felt the harm is immaterial. Some of the bandwidth is taken for the interloper's purposes, so there is harm, however small, and hence trespassing.*


*I am not a lawyer in Michigan, or any other state. All claims subject to judicial review. All information provided for entertainment purposes only. Do not attempt this at home. Do not attempt this at some one else's home. Do not use Sunshield while driving. Do not operate heavy machinery...

My home internet connection is distributed to the home LAN by a wireless/wired router. I always make sure to encrypt the wireless part using WPA-PSK with a complex password, because otherwise, our neighbors *inevitably* tap in to our internet connection - usually within a few hours, but sometimes just within a few minutes.

Of course, if I had my druthers, I would be using Flashdist on a Soekris with IPSec encryption to ensure network integrity - but I don't really have the resources or the time for that at the moment…

Tacit consent, given by virtue of the network being open, is often legally recognized.

:o

I'm not sure what their stand on the topic is. I've not looked into it.

Given the fact that most home users aren't even aware that wireless routers need or even have security options, I doubt that a judge would recognize a network in basically the default configuration as being tacit consent. If every router made forced you to go through a security "setup wizard" by default, then there would be some basis for claiming consent if it were left open.

I'm not sure legally establishing that damages have been caused is that easy. It would be very difficult if the wi-fi owner didn't perceive any problem. Without established damages, it becomes essentially a victimless crime.

Also, most judges don't like their time wasted with frivolous lawsuits, and likely won't recognize damages that amount to only a few cents.

If it were only about one wifi setup, I'd agree. The problem is that if something isn't done, this can easily become a big problem. What happens if it is legally ok to interlope on any wifi that isn't secure? How do you police a situation in which you can't stop a real criminal from interloping until and unless you catch him in some criminal activity? It would be exponentially harder to catch him.

I don't think a judge would allow a prosecutor to base his prosecution on the plaintiff's ignorance any more than he would allow ignorance as a basis for defense. Most judges are pretty fair in that respect. And the (US) system is, by design, biased in the defendants favor.

All that needs to be done is for people who do not want to share their internet access to set the password on their routers. It's not a crisis situation. There is no need to get the police involved at all, especially without any laws being violated. I'm aware of no actual legislation that states that it is unlawful to send and receive radio signals from an open wireless network. Granted, I don't keep up with the lawmakers of every jurisdiction in the US, much less the world, so if you know of such laws, please share with the rest of us.

In absence of such laws, it still appears that it is the network owner's responsibility to secure his/her own network. Operating any sort of radio transmitter has never been without legal responsibility in the US. Why would Wi-Fi be any different? Ignorance or naivety are not excuses.

You would think so, but in that case why aren't ISPs held responsible for all outgoing spam? Shouldn't they be required to secure their networks, and if you can't get them to do it, how do you get Joe Sixpack to do it?

Do you think it is the ISP's customers that are responsible for the spam, or attacks on those customers' PCs to utilize them for inappropriate use?

I'm all for been free to jump on an open wireless network. I don't support attempts to bypass security measures. That is wholly different than signing on to an open network. The overwhelming majority of people recognize that if a password is required, and they are not privy to that password, that means they are not welcome.

I could possibly tell you how to get a copy of the Anarchist cook book, but I am liable for telling you where to find a copy if you do something crazy? I could explain to you how bit-torrent works, but I am liable when you abuse what it is intended for and pirate software?

ISPs can't be held liable for someone's else property or equipment. What they do is shut down your connection on their end. When I was doing lots of side work for that contracting company part-time a lot of my work orders were to go out and clear out a small network that was shut down by their ISP because they were spamming. Typically some sort of Trojan was involved with a mass downloaded and a mass mailer.

Even if there is no "No Trespassing" sign, that doesn't mean you can't be prosecuted for trespassing on someone's private property. I think the ISPs would see this as stealing, like if you spliced into your neighbors cable. I think ultimately in court you would be billed for the internet you stole and possibly a fine.

There are some cases, like my old neighbor, that had is AP wide open and had the SSID as "You're Welcome!" Obviously that implies that it is public and okay for usage by anyone. That could be argued in court I would say. I used his wifi when I first moved in because it was going to take the Cable company over a month to come turn my cable on.

I think that both share responsibility. Customers are responsible because they didn't secure their PCs, and ISPs are responsible because they haven't secured their email servers. ISPs are also partly responsible for the continued use of Windows because of their Windows centric support policies. That makes them responsible for some of the PC bots that send spam.

The overwhelming majority may recognize that a required password is a no trespassing sign, but an equally large number don't know that it's possible to put a password on a wireless connection.

It sounds nice, but if they had proper methods in place, spam could not account for 90+% of all email.

I think this is the nub. It creates an anonymous user.

IMHO, if you're stupid enough to set up a WiFi router in your home and don't password-protect it, then you should expect someone to steal your bandwidth. Doesn't make it OK for someone to do it, just makes you stupid for not taking the proper precautions.

Just like locking your front door when you leave home -- doh! Don't cry that someone stole your Christmas presents when you left the door open.

Or leaving the car door unlocked, and then being surprised when someone helps themselves to your sound system.

My neighbor started piggybacking on my WiFi about 2 years ago, so I enabled the WPA and set up all my home computers for access -- he actually got belligerent with my husband when he was mowing the yard a few days later! Told him I'd be happy to give him access if he wanted to pay my monthly ISP access charges, otherwise get his own internet access.

He now has his own -- password protected, BTW.

The shame here is the continued delivery of WiFi routers in an unprotected (wide open) state. Their processors and memory these days are more than capable of launching a wizard at first run insisting on a password for their protection. For all you know otherwise, some pervert is sitting outside your house surfing kiddy porn via your IP Address, and you'll have a tough time talking your way out of a conviction.

I don't think it's fair to lay any blame on router mfgrs. Every router I've bought in the last few years has indeed had a wizard or at least a quick setup guide that any literate moron could understand. I don't really care for the idea of forcing security on users either. The instruction manuals are usually pretty clear about how to change settings and what settings to change to enable security.
The fact is, people are just too lazy to do it. I don't feel any sympathy for them. Wardriving and wifi snooping is not a new thing, it's been on the news for years now. People just get into that mentality of "it won't happen to me."

You'd be astonished at how prevalent these security lapses can be in places where they really shouldn't be; not just homes. I attended a meeting a few years ago in a conference room in Connecticut that was immediately below a stock broker's office. Within minutes of sitting down (waiting for the meeting to assemble) I was looking at the broker's WiFi router page. I could have brought that brokerage to its knees with a few mouse clicks. The mind boggled.

Brought it to its knees?
More likely you would have done them a great favour by making less risky investments for their clients! :D

True, ArcticStones; I hadn't thought of that -- the brokerage, I was told, was a hedge fund.