Laptop user arrested for WiFi use

[J Christopher]

Quote: Originally Posted by cwtnospam Given the fact that most home users aren't even aware that wireless routers need or even have security options, I doubt that a judge would recognize a network in basically the default configuration as being tacit consent. If every router made forced you to go through a security "setup wizard" by default, then there would be some basis for claiming consent if it were left open.

I don't think a judge would allow a prosecutor to base his prosecution on the plaintiff's ignorance any more than he would allow ignorance as a basis for defense. Most judges are pretty fair in that respect. And the (US) system is, by design, biased in the defendants favor.

[J Christopher]

Quote: Originally Posted by cwtnospam If it were only about one wifi setup, I'd agree. The problem is that if something isn't done, this can easily become a big problem. What happens if it is legally ok to interlope on any wifi that isn't secure? How do you police a situation in which you can't stop a real criminal from interloping until and unless you catch him in some criminal activity? It would be exponentially harder to catch him.

All that needs to be done is for people who do not want to share their internet access to set the password on their routers. It's not a crisis situation. There is no need to get the police involved at all, especially without any laws being violated. I'm aware of no actual legislation that states that it is unlawful to send and receive radio signals from an open wireless network. Granted, I don't keep up with the lawmakers of every jurisdiction in the US, much less the world, so if you know of such laws, please share with the rest of us.

In absence of such laws, it still appears that it is the network owner's responsibility to secure his/her own network. Operating any sort of radio transmitter has never been without legal responsibility in the US. Why would Wi-Fi be any different? Ignorance or naivety are not excuses.

[cwtnospam]

Quote: Originally Posted by J Christopher In absence of such laws, it still appears that it is the network owner's responsibility to secure his/her own network.

You would think so, but in that case why aren't ISPs held responsible for all outgoing spam? Shouldn't they be required to secure their networks, and if you can't get them to do it, how do you get Joe Sixpack to do it?

[J Christopher]

Quote: Originally Posted by cwtnospam You would think so, but in that case why aren't ISPs held responsible for all outgoing spam? Shouldn't they be required to secure their networks, and if you can't get them to do it, how do you get Joe Sixpack to do it?

Do you think it is the ISP's customers that are responsible for the spam, or attacks on those customers' PCs to utilize them for inappropriate use?

I'm all for been free to jump on an open wireless network. I don't support attempts to bypass security measures. That is wholly different than signing on to an open network. The overwhelming majority of people recognize that if a password is required, and they are not privy to that password, that means they are not welcome.

[tlarkin]

Quote: Originally Posted by cwtnospam You would think so, but in that case why aren't ISPs held responsible for all outgoing spam? Shouldn't they be required to secure their networks, and if you can't get them to do it, how do you get Joe Sixpack to do it?

I could possibly tell you how to get a copy of the Anarchist cook book, but I am liable for telling you where to find a copy if you do something crazy? I could explain to you how bit-torrent works, but I am liable when you abuse what it is intended for and pirate software?

ISPs can't be held liable for someone's else property or equipment. What they do is shut down your connection on their end. When I was doing lots of side work for that contracting company part-time a lot of my work orders were to go out and clear out a small network that was shut down by their ISP because they were spamming. Typically some sort of Trojan was involved with a mass downloaded and a mass mailer.

Even if there is no "No Trespassing" sign, that doesn't mean you can't be prosecuted for trespassing on someone's private property. I think the ISPs would see this as stealing, like if you spliced into your neighbors cable. I think ultimately in court you would be billed for the internet you stole and possibly a fine.

There are some cases, like my old neighbor, that had is AP wide open and had the SSID as "You're Welcome!" Obviously that implies that it is public and okay for usage by anyone. That could be argued in court I would say. I used his wifi when I first moved in because it was going to take the Cable company over a month to come turn my cable on.

[cwtnospam]

Quote: Originally Posted by J Christopher Do you think it is the ISP's customers that are responsible for the spam, or attacks on those customers' PCs to utilize them for inappropriate use? The overwhelming majority of people recognize that if a password is required, and they are not privy to that password, that means they are not welcome.

I think that both share responsibility. Customers are responsible because they didn't secure their PCs, and ISPs are responsible because they haven't secured their email servers. ISPs are also partly responsible for the continued use of Windows because of their Windows centric support policies. That makes them responsible for some of the PC bots that send spam.

The overwhelming majority may recognize that a required password is a no trespassing sign, but an equally large number don't know that it's possible to put a password on a wireless connection.

Quote: Originally Posted by tlarkin ISPs can't be held liable for someone's else property or equipment. What they do is shut down your connection on their end.

It sounds nice, but if they had proper methods in place, spam could not account for 90+% of all email.

[NovaScotian]

Quote: Originally Posted by cwtnospam If it were only about one wifi setup, I'd agree. The problem is that if something isn't done, this can easily become a big problem. What happens if it is legally ok to interlope on any wifi that isn't secure? How do you police a situation in which you can't stop a real criminal from interloping until and unless you catch him in some criminal activity? It would be exponentially harder to catch him.

I think this is the nub. It creates an anonymous user.

[lhridley]

IMHO, if you're stupid enough to set up a WiFi router in your home and don't password-protect it, then you should expect someone to steal your bandwidth. Doesn't make it OK for someone to do it, just makes you stupid for not taking the proper precautions.

Just like locking your front door when you leave home -- doh! Don't cry that someone stole your Christmas presents when you left the door open.

Or leaving the car door unlocked, and then being surprised when someone helps themselves to your sound system.

My neighbor started piggybacking on my WiFi about 2 years ago, so I enabled the WPA and set up all my home computers for access -- he actually got belligerent with my husband when he was mowing the yard a few days later! Told him I'd be happy to give him access if he wanted to pay my monthly ISP access charges, otherwise get his own internet access.

He now has his own -- password protected, BTW.

[NovaScotian]

The shame here is the continued delivery of WiFi routers in an unprotected (wide open) state. Their processors and memory these days are more than capable of launching a wizard at first run insisting on a password for their protection. For all you know otherwise, some pervert is sitting outside your house surfing kiddy porn via your IP Address, and you'll have a tough time talking your way out of a conviction.

[Jasen]

I don't think it's fair to lay any blame on router mfgrs. Every router I've bought in the last few years has indeed had a wizard or at least a quick setup guide that any literate moron could understand. I don't really care for the idea of forcing security on users either. The instruction manuals are usually pretty clear about how to change settings and what settings to change to enable security.
The fact is, people are just too lazy to do it. I don't feel any sympathy for them. Wardriving and wifi snooping is not a new thing, it's been on the news for years now. People just get into that mentality of "it won't happen to me."

[NovaScotian]

You'd be astonished at how prevalent these security lapses can be in places where they really shouldn't be; not just homes. I attended a meeting a few years ago in a conference room in Connecticut that was immediately below a stock broker's office. Within minutes of sitting down (waiting for the meeting to assemble) I was looking at the broker's WiFi router page. I could have brought that brokerage to its knees with a few mouse clicks. The mind boggled.

[ArcticStones]

Quote: Originally Posted by NovaScotian You'd be astonished at how prevalent these security lapses can be in places where they really shouldn't be; not just homes. I attended a meeting a few years ago in a conference room in Connecticut that was immediately below a stock broker's office. Within minutes of sitting down (waiting for the meeting to assemble) I was looking at the broker's WiFi router page. I could have brought that brokerage to its knees with a few mouse clicks. The mind boggled.

Brought it to its knees?
More likely you would have done them a great favour by making less risky investments for their clients!

[NovaScotian]

Quote: Originally Posted by ArcticStones Brought it to its knees? More likely you would have done them a great favour by making less risky investments for their clients!

True, ArcticStones; I hadn't thought of that -- the brokerage, I was told, was a hedge fund.