IT Employment

General discussion

Locked

connecting to unsecured wireless: is it hijacking?

By Ned Rhinelander (CNET) ·
I came in today to my job at CNet Network's Cambridge office, and had to wait in the lobby for a fire alarm to clear.

I pulled out my laptop and decided to see if there were any available networks...turns out there were 10, 3 or 4 of which were not secured. So, I proceded to IM with my colleage Steven upstairs. Before long Steven asked me "so you don't have any qualms about hijacking a wireless connection?"

When I setup a wireless access point, I consciously assume that if I set it to broadcast the SSID and disable security it's tantamount to offering a public service.

However, Steven's question threw me for a loop, because I think he has a point as well...no one gave me permission to connect to the access point. Just because my computer connects automatically doesn't necessarily make it right.

Any thoughts out there on the legalities or general ettiquitte of this?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

What ignorance can get you

by Cactus Pete In reply to Ignorance of the Law is n ...

Is some leniency. That you even demonstrated in the above scenarios - and the crime was still a crime - you were just guilty of a lesser one for being ignorant.

Collapse -

Re: Ignorant

by vltiii In reply to Ignorance of the Law is n ...

You don't know where to look!?!?!? The fact that you posted to this thread indicates that you have access to the internet. Try google or whatever your search engine of choice is. Try your city's website! How do you generally look up things you don't know about?

Collapse -

Giving the Correct Answer Helps Educate

by unixwolf.edu In reply to Ignorance of the Law is n ...

I have noticed in your reply that you have found quite a few persons to be incorrect in thier assumptions, and some others to be "DEAD WRONG" according to law, with thier facts. I have found it helps people, when pointing out thier mistakes to list a few of the correct answers. How about a for example...

Collapse -

by PineappleBob In reply to Ignorance of the Law is n ...

As an Architect it amazes me how many attorneys think they know architecture and are "DEAD WRONG" yet espouse their opinions in a similar fashion.

Follow up your statement with some examples of law that specifically answer such questions and make your case.

Collapse -

correct me if I'm wrong, Architects

by brenttj8 In reply to

don't Architects work with copy written information, what are the implications of this?

Collapse -

Not a question of law

by mgordon In reply to Ignorance of the Law is n ...

The question on the table is whether it is ETHICAL. Whether it is legal won't be decided until the Supreme Court says so one way or the other; until then it's a bit of a gamble; although along the path to the Supreme Court is littered with expensive cases and you don't want to be one of them.

If all lawyers interpreted the law the same, we wouldn't need very many lawyers.

Still, it pays to be aware of some laws that would be candidates for being pressed into service in this as-yet fuzzy area.

ECPA: if you intercept communications via the wireless access point, you must not divulge it (Electronic Communications Privacy Act).

DMCA: Digital Millenium Copyright Act. Has provisions against decrypting communications.

Various wiretapping laws could possibly be brought to bear on the issue.

All of these that come to mind pertain to interception of communications presumed to be private. But where no expectation of privacy exists, these particular laws are not likely to be useful.

Ethically I have very little problem with it. If I put a telephone out on the sidewalk in front of my house, passers-by may infer that I intend for it to be a public phone. I might just be an idiot of course. But it creates an "easement" or in other words not only does the public enjoy freedom from prosecution, in extreme cases you can be prevented from removing the public convenience that you have created.

Suppose I put a telephone on the sidewalk in front of my house, with a long wire into my home. Is that a public convenience? It is impossible for passers-by to know your intentions, therefore they use the "reasonable man" theory to infer whether it is a public convenience. Since nobody puts personal phones out on the sidewalk where any passer-by can use it, we infer that any such instance must be for the public convenience. I too am not a lawyer, but guess what, lawyers do not make laws, legislatures make them and juries decide them, including nullifying a stupid law.

Whether you SHOULD use a "found" wireless hot spot is somewhat doubtful. You'd better be using encryption 'cause you might have stumbled onto a "honeypot" sniffing YOUR communications.

Collapse -

Just like roaming on a GSM network

by kzin In reply to Putting the blame the rig ...

You travel around europe and connect to different networks.
Some teleco's block access to you because your home network
doesn't revenue share others let you connect. If a WI-FI network
isn't secure one can presume it is available for use. Just because
the wireless transmitter is sub $100 doesn't mean that you have
to apply retard logic when configuring..

Collapse -

by rob In reply to Putting the blame the rig ...

Totally disagree with your percentages. The vendor is under NO obligation to assist the end user with securing his/her network. Network architecture rests solely at the feet of the network's owner.

As for the home user, the responsibility lies squarely on them as well. From a vendor's standpoint it is a nightmare trying to walk untrained and technically unsavvy individuals through complicated and varied procedure.

From an ISP standpoint if I, as the Service Provider, am going to shoulder the responsibility of securing your network then know I'm not leaving it up to you to do the setup and installation. I'm sending a trained technician to your location and I'm charging you for the service. Responsibility doesn't come without cost.

Bottom line, if you're a techie and can handle doing the research and taking the time to understand what it is your doing then great, go for it. Otherwise, hire a professional. I don't see people wiring their own homes for phones, cable tv, or electricity. Why should they do it with networking simply because the equipment is available for purchase?

Just my .02 worth.

Collapse -

vendor

by ngl0578 In reply to

it should not be too difficult for a vendor to change from defaulting security settings to off, to putting in a random code and placing that code in the manual or even on a strip of paper in the box. that one step would make off the shelf access points at least minimally secure right out of the box.

granted a wep code is not great security, but it is better to have the weak chain keeping the door closed, than not. that way, if a person/organization wants to put a free for all access point out.. they can turn off the security themselves.

Collapse -

Vendor installed codes

by rob In reply to vendor

Well, your thoughts sound good on paper but be prepared to field hundred (thousands) of calls when the thing doesn't work right out of the box. Most end-users (in my experience) do not read documentation. They're first course of action would be to call Tech Support and complain. Fielding calls cost money.

Related Discussions

Related Forums