IT Employment

General discussion

Locked

connecting to unsecured wireless: is it hijacking?

By Ned Rhinelander (CNET) ·
I came in today to my job at CNet Network's Cambridge office, and had to wait in the lobby for a fire alarm to clear.

I pulled out my laptop and decided to see if there were any available networks...turns out there were 10, 3 or 4 of which were not secured. So, I proceded to IM with my colleage Steven upstairs. Before long Steven asked me "so you don't have any qualms about hijacking a wireless connection?"

When I setup a wireless access point, I consciously assume that if I set it to broadcast the SSID and disable security it's tantamount to offering a public service.

However, Steven's question threw me for a loop, because I think he has a point as well...no one gave me permission to connect to the access point. Just because my computer connects automatically doesn't necessarily make it right.

Any thoughts out there on the legalities or general ettiquitte of this?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Extremes are never worth arguing?

by tradergeorge In reply to Extremes are never worth ...

The best way to prove or disprove a concept is to test the extreme cases. If the concept proves valid in the extremes, it is valid in the "lesser" cases.

This is about theft, no matter how you look at it. The real question is whether it is theft to the degree that prosecution is advised for the worth and mitigation of the case in question.

Collapse -

Exactly my point

by Cactus Pete In reply to Extremes are never worth ...

It's not worth arguing the extremes, they are known. We need to figure out where the breaking point is so that we can state what has crossed the line so we should care about it.

Collapse -

The difference...

by tradergeorge In reply to It's not the same

is that the owner of the restaurant provides these facilities knowing that a few non-customers will use them and agrees to the use as a cost of doing business.

If you really believe that bandwidth is a non-consumable quantity, you need to learn more about the infrastrucrure of connections to the internet (or maybe just talk to your ISP). Like the minutes on your cellphone plan, it is only "unlimited" until you exceed your allotment. Then it becomes very expensive, very quickly.

Collapse -

Wireless Hijack in London

by mintond In reply to connecting to unsecured w ...

I was in London last week on business and a friend of mine asked me to come over and take a look at her system and see if I could fix it. When I went over I found her dsl was down and I had a few technical questions that could only be answered if I could get on line. So I powered up my laptop and I started using the good old modem and a land line to connect to the net. Well low and behold my laptop connected to a wireless network without even trying I looked and the network and noticed it was a linksys system and just for s and g's used the default IP and password and I was in the router. I then looked at the DHCP client list and found the names of the computers which matched the next door neighbors name. So what did I do. I did the honest thing and knocked on the door and informed them what they needed to do to close the open door they left open. The main reason if someone decided to use that connection to set up a kiddy porn site then they would be responsible. Most people just love the plug and play and don't realize how opened there systems are. So I just did some education.

DM

Collapse -

consider the broader issues

by bwalker@work In reply to connecting to unsecured w ...

I suspect that questions such as those raised in this thread are going to become more common in the years to come. As more "services" become widespread and available for convenience, there will be questions about who is allowed to benefit from them. As more "things" are able to be digitized and transmitted, there will be questions about who is allowed to have/use/enjoy them. The current "service" under debate is wireless network access, but what's next? The current "things" under debate are pictures, songs, and movies, but what's next? If individuals rely upon precise restrictions to specifically forbid use of "services" and "things" that are not theirs to use I think that bodes ill for society in general. I believe there must be an overarching sense of right and wrong that comes into play without resorting to being guided by laws, signs, or banner messages. I believe it demonstrates flawed moral logic to attempt to put the burden of controlling behavior on the parties that provide the "services" and "things". If we refuse to respect the interests of others in an ever-increasing number of contexts I'm worried about the ultimate consequences.

Collapse -

I think we have covered all of the fundamentals here

by a16659235 In reply to connecting to unsecured w ...

1. Buy wi-fi, setup and use suggests that the owner read the manual(s) and made a "reasonable" attempt to utilize this new equipment resource according to the many various features the equipment offered.
2. Liability? Placed on whom? Owner? or Casual user who happens to find an open unsecured line of comm.
3. Gazillion ("get this *Hypothetical* of course") methods to compare apples to oranges, lawns chairs to HAM radio signals. (ever think of that?)
4. Public domain? Is this included? What was the intent of the wi-fi? Private vs. public?
5. Did Santa leave you a brand new RAID-10 Server rack under the tree this year?

OK, back to the question: If what you did is called "hi-jacking" then clearly this is true. You did do something that was wrong in terms of personal integrity and self respect for other's property. Laws broken? Maybe so as well. (IMHO-It's also your own company's wi-fi as well giving you 'legal' access-unless you have been restricted from accessing the network.)
Nevertheless, If you see it open and it's unsecured, take a few seconds or more to think it over and make an ethical evaluation >decision.

Great question and thanks for asking.

Collapse -

due diligence

by Steve_Te In reply to connecting to unsecured w ...

The question at hand reminds me of "...well, if ya' gotta' ask!" Although, that line even becomes blurred in our ever-evolving, cross-communicating world.

Initial logic says ...an admin that configures a WLAN to broadcast the SID is (a) desiring that others use that connection point as a public hot-spot or (b) that the admin is simply not privy to the proper configuration and security practices of a WLAN. If you take the "they asked for it" attitude .....please seek professional help. Obviously, not the case in this gentleman's scenario or he wouldn't have posed the morality question.

The question posed, itself, could be debated both ways, and possibly without end, nearly to the degree of p2p file sharing a couple of years ago (let's not go down that road).

However, the "right" approach to this issue seems to be one of doing the right thing if at all possible. The right thing being; if (for example) you have access to the IT dept. in this building, or can find it via some directory, maybe it would be the right thing to "ask" that department of their intention of the open WLAN. You might find that (a) they were simply ignorant of the circumstance or (b) intended for it to be used as configured. Either way ..everyone is square!

Obviously, it wasn't an airport or a coffee shop. Does one really "have" to connect in the lobby on a regular basis? Surely not.

It's seeing the forest in spite of the trees! If it feels awkward or one's concsious says "maybe I shouldn't do that" then 9 times out of 10 that gut feeling is accurate.

Play it safe, not sorry. No one loses a life in this scenario. If someone "were" losing their life and connecting to this WLAN was possible ...by all means hop on-board and apologize later!!! Otherwise, take the time for due diligence and ask the neighbor before parking your car in there driveway.

Steve
Lake City, AR

Collapse -

Public frequency

by ITaintnothang In reply to connecting to unsecured w ...

OK, what is public frequency? HAM radios are public, CB's are public, and WiFi's are public frequency. everyone has a right to use that frequency. I guess when I listen to HAM radio I am hijaking someone elses conversation.

Its not the ISPs fault. 99% of the time they dont even know when a customer sets up a WLAN.

It is the person who set up his WLAN and forgot to secure it.

The anly blame I could possibly see puting on the user is the moral obligation to inform the owner that they have not secured their network.

Personaly, I have 2 WLAN's set up at my home. one is secured for my personal use and is inside my network. the other is unsecured and open to the public. all it can access is the internet, but that is what I wish to do for my neighbors.

I have 3 neighbors that used to have unsecured WLAN's, I contacted them and they paid me to set up basic security on their's. Most people dont have a clue what security means. and in most cases if they are that clueless, it probably isnt on a network that has any thing important on it. Maybe a personal laptop, which is rarely ever even conected.

Is it leagal?

Im not a lawyer, but my understanding is that it is public frequency for public use. If someone is not suposed to be there then treat it as if they arent. Other wise it is public property. It becomes private the moment you secure it.

Collapse -

You Have No "Rights"

by DaGuru In reply to connecting to unsecured w ...

Regardless of whether or not a WLAN is correctly or incorrectly configured, any user who sends, receives or monitors messages/traffic on that network without the expressed permission to do so is hijacking that network. Should the individual whom created/setup the network be impuned? Of course. Should the person(s) responsible for securing it and maintaining it be allowed to find employment elsewhere? Surely.

However, the mere fact that a connection is available and access is allowed (without expressed permission to access it, one must be inclined to say 'inadvertently allowed') does not give way to the assumption that it's okay to do so.

ALthough I do not have a fence around my residential property, one would not (and wisely should not) assume that it's okay to traverse my property to get to the other section of the sub-division. My dogs would probably have something to say about it if someone did...as they have demonstrated their displeasure in that in the past.

Collapse -

Do we owe the owner a notice?

by tantien In reply to connecting to unsecured w ...

Such a great topic and so germaine to my dilmema too. I am sitting in my own home and I put my wireless card in only to find that, after Xmas a person in my neighborhood had installed a new unsecured wireless lan. I was instantly associated to this AP. They had renamed the SSID to (an example) "TheSmiths56GLAN". I've looked up their name in the phonebook and there is only one of a name like this in my very local neighborhood. I am a CISSP. I ethically had a problem riding on their LAN even though I could without damage or privacy invasion. I could call them, but I'm unsure of my responsiblity to do so. My gut tells me that this is not right or else I wouldn't be doubting my actions. I've not actively used this connection, though it is very tempting.

So this question/topic is near and dear to my situation. Any thoughts (need I ask?) about whether if you knew the name of the owners, you'd tell the owners of the WLAN in order to warn them or better secure their network.

Related Discussions

Related Forums