Help - Search - Members - Calendar
Full Version: Wi-Fi Crime
Dumpshock Forums > Discussion > Shadowrun
Pages: 1, 2
JongWK
CNN Story

Neat. cyber.gif
hobgoblin
and a bit corny. only thing the person did was use a open wifi point to surf the net. only problem was that he didnt get the owners permission first.

i wonder, was he in a area where there allready was free wifi available but the computer hooked up to the wrong access point?

err, memo to self, read more then heading before commenting. the guy was parked outside a private home, surfing...
Eldritch
I dunno, the Wi-fi thing is kinda silly.

if you walk by someones house and their window is open - you see them naked running around - are you then a peeping tom? Arrested and registered as a sexual offender?

Wireless routers are fairly easy to secure. But people are too lazy to read the manual. There was an article in a recent paper about war-driving. 2 out of 3 home networks are unsecure. And these kids in the article found well over a thousand.

And it is something that could happen quite accidentally. If you and your neighbor have routers, your pc will just grab the one with the highest signal str and access it - unless it is secured.

For god sake amn, close your window! And read the manual!!!
Jrayjoker
Yup, its reeeeeel tuf to protek yersef. Jes check ther liddle box on the wizerd whiles u r settin' up thuh netwerk.
Req
QUOTE (Eldritch)
For god sake amn, close your window! And read the manual!!!

Take responsibility for your own actions? You must be thinking of some other country.
Ecclesiastes
While I completely agree that the person who owned the WiFi connection was stupid for not securing the signal, what the guy did was still technically theft, stealthing bandwidth. It isn't like being a peeping tom, its more like someone has a pie cooling on their window and you walk by and take a slice for yourself without asking.
hobgoblin
more like trespassing then theft as the very word indicates that the owner no longer have something.

its kinda like me sleeping in your house without your permission (alltho if its a cabin in norway and its a life or death situation, feel free).
Taki
QUOTE (Eldritch @ Jul 7 2005, 03:47 PM)
Wireless routers are fairly easy to secure.

I guess you mean : "it is fairly easy to restrict access to wifi with a password".

Anyway, the bad guy who want to use your access for illegal business won't give a s*** of your password. There is no techno to secure wifi yet.

... by the way setting a password will avoid that 99% of people in the area to access your network (most of them are neighbours with no bad intention)

edit : So you are 99% right. but the remaining 1% count for a lot.
hobgoblin
hmm, thats true.

block mac numbers, spoof em.

every encryption so far have either had a flaw or fallen for pattern searches.

kinda scary in a way as most likely my main net connection will be wimax based some time in the future most likely...

still, the only real diff between this and wired is that with wired you have the physical layer as a replacement for the encryption.

still, if you pull a mitnic you may well be past that barrier. and with todays small wifi gateways you could hook one up somewhere and have all the net time you want even after you left the building (as long as none finds it, that is wink.gif )...
Ellery
I can't see how using an unsecured network is theft any more than picking up a fallen orange on the sidewalk and eating it is theft, or smelling the fragrence of rose bushes over the fence is theft. Since almost nobody pays per-gigabyte for their bandwidth, there is no direct cost to the person whose network is being used, and the item in question is available without restriction in a public place.

If people climb over your fence to get your oranges, crack the encryption on your network, or break into your secured greenhouse to take pictures of your rare prize-winning roses, then yes, there's a potential problem.
sanctusmortis
My biggest problem is the WPA protection. I've gone back to wired till it works. Need to get it done before I moved, as wired won't be a luxury there...

D-Link's routers make it a nightmare to set up, what with none of the necessary fields matching the Microsoft Wireless Network Setup Wizard ones...
Lindt
I love walking down Newberry St in Boston with my laptop turned on in my back pack and just having it hop from one network to the next.

One memorable incedent was while I was sitting in traffic and someone IMed me. In my CAR. I was hitching on a corperate network, totally by accident.

Rember folks, securety is your friend.
Edward
I thought truly unlimited internet access (on broadband at least and if you can afford wi-fi you can afford broadband) was still quit rare, only a handful of Australian operators provide it.

If you do it deliberately it is quite clearly theft, even if the network is unsecured and there are no download charges your still affecting available bandwidth and slowing down the internet for there use.

If it is accidental its like 2 people buying a bag of apples and bumping into each other and dropping all the apples, when they get picked up one person has more purely buy accident
.
Edward
Ellery
In the U.S. most broadband access is claimed to be unlimited, and in practice, the wireless connection imposes more of a limit than the broadband itself does. The provider might get upset if you "overuse" your "unlimited" access, but unless they do, complaining that someone else is using your open wireless makes about as much sense as complaining that they're breathing your air. There's plenty to go around; it only makes sense worrying about the ownership of expensive things. If you worry, at least use WEP.
Fortune
As Edward says, some places (specifically Oz) impose a per month download limit on Broadband plans (my wireless limit is 12 Gig ... and I use every bit of it) before lowering the speed level of access to a minimal amount. I would indeed consider it theft if someone deliberately cut into this.
Wireknight
Then don't give it away to every random passer-by. It's like having a powerful electricity-guzzling air conditioner, and leaving a large window wide open.
Critias
And, after leaving that window open, then calling the police on anyone who paused for a moment while strolling along the sidewalk outside that window.
Fortune
QUOTE (Wireknight)
Then don't give it away to every random passer-by. It's like having a powerful electricity-guzzling air conditioner, and leaving a large window wide open.

I didn't say I was experiencing any problem in that department.

Be that as it may though, implying that it is the owner's fault that bandwidth is being deliberately stolen is like saying that it is a female's fault that she was raped because of what she was wearing.
sanctusmortis
Most UK providers allow unlimited. It's the crap ones that don't. Heck, even AOL does.
Wireknight
QUOTE (Fortune)
Be that as it may though, implying that it is the owner's fault that bandwidth is being deliberately stolen is like saying that it is a female's fault that she was raped because of what she was wearing.

... okay, I'm bowing out of this particular thread.
mfb
haha, what? Fortune, you usually don't say dumb things. but that? that was dumb.

wireless devices are specifically designed to hook up to any WAP they can find. that's their purpose. now, if you have to break someone's encryption to get access to their network, okay, that's bad. but soaking up the free brandwidth that someone is dumb enough to leave just lying around? that's the broadcaster's fault.

i mean, heck. let's say i'm on my way to a business meeting with my laptop in my car. it's on, because i'm typing stuff at red lights. it's got a wireless LAN card. i drive by your house, and you've got an unsecured WAP. my laptop hooks up to your WAP for the five seconds it's within range, because that's what wireless LAN cards do. was i breaking the law for those five seconds? what if my Windows Update automatic downloader starts downloading for those five seconds, because it's set to do so any time there's a connection? i'm breaking the law? that's crap. and by extension, it's crap that stopping outside your house and doing the same thing is illegal just because i know what i'm doing. they're making it illegal to know things.
Eldritch
QUOTE (Fortune)
QUOTE (Wireknight @ Jul 9 2005, 09:31 PM)
Then don't give it away to every random passer-by.  It's like having a powerful electricity-guzzling air conditioner, and leaving a large window wide open.

I didn't say I was experiencing any problem in that department.

Be that as it may though, implying that it is the owner's fault that bandwidth is being deliberately stolen is like saying that it is a female's fault that she was raped because of what she was wearing.

Now that just might be one of the dumbest anolgies I've heard so far.

No one is saying it's the owners fault, I think the point is; is there actually a crime being committed?

You leave the curtains open people will look. Your apple tree hangs over the neighbors yard, they're gonna pick. Leave your monster driveway light on at night, people that need light will stop. Leave you wireless open and people will use it. It's not your fault, but if you don't want people to use it, then secure it.
Edward
If I leave my wireless system open then it would be silly (that and beget concerns is why I donít have one) if somebody drives past and hooks up for 30 seconds then I couldnít care less but if somebody drives around the naberhood looking for unsecured connections and then parks and uses the connection for as long as his laptop has power then that is a deliberate act and dose deserve punishment as theft weather he cracked the encryption or found one that was not encrypted.

A thief is no les liable for stealing your TV if you forgot to lock your front door than if you did so why should the deliberate act of stealing unsecured wireless time be any different.

To bring this back to SR for a moment sprawl survival guide gives the stats for SR3 wireless home networking and you donít need to be a very good Decker to make use of such a conection.

Edward
mfb
so it's only a crime if you do it on purpose? if your car breaks down in front of their house, and your laptop--unbeknownst to you--starts running your BitTorrent downloads, that's legal because you didn't know?

this irks me because the line between legal and illegal is basically non-existant, as currently defined. i'm not aware of any routers on the market which don't have encryption capabilities, and it's not like setting that encryption up is remotely difficult. if you're broadcasting, it should be your responsibility to manage that broadcast, not the possible receivers' responsibility to somehow not recieve it.
Edward
Well is there such a thing as negligent theft. What dose the law say about the cast when a cash machine gives you to much and you genuinely donít notice and spend the money. Or where your power meter develops a fault and only registers 70% of your usage.

Same rules will apply.

Edward
mfb
not hardly. you're talking about faults in the equipment, that you're illegally taking advantage of. with wardriving, you're using equipment the way it's intended to be used. if you're broadcasting, you manage that broadcast. not me, and not anybody else. it's your equipment and your responsibility. you have the tools at hand to manage that broadcast, and the knowledge for managing it is readily available on countless websites. you are forewarned and forearmed--if you choose not to take advantage of that, i don't see why anybody else should get in trouble for it.

"you", of course, refers to "idiots who don't secure their wireless networks".
Fortune
QUOTE (mfb @ Jul 10 2005, 07:38 AM)
i mean, heck. let's say i'm on my way to a business meeting with my laptop in my car. it's on, because i'm typing stuff at red lights. it's got a wireless LAN card. i drive by your house, and you've got an unsecured WAP. my laptop hooks up to your WAP for the five seconds it's within range, because that's what wireless LAN cards do. was i breaking the law for those five seconds? what if my Windows Update automatic downloader starts downloading for those five seconds, because it's set to do so any time there's a connection? i'm breaking the law? that's crap. and by extension, it's crap that stopping outside your house and doing the same thing is illegal just because i know what i'm doing. they're making it illegal to know things.

You'll notice my continual use of the word 'deliberate' in my statements. A person deliberately using your bandwidth without your permission is stealing.

If you didn't like that last analogy (which I don't find particularly lacking), here's another. If you leave your car unlocked and running while going into the 7-11, and then someone comes along and takes it, it is considered theft. You may have problems with your insurance company, but according to the law a crime has been committed, and if/when the offender is caught there is a good chance that he will be charged and convicted.
Ellery
If someone takes your car, you don't have it. If someone uses your wireless network, you still have it. Unless you're on a restrictive plan, you have every bit as much of it as you had before. So they're not taking anything from you. That's the point.

If you consider it to be taking something from you, make it so it's not set up to be taken. If you leave it open, for free, why should I need to specifically ask your permission to use it? If you didn't want to give me permission, maybe you'd turn on security so I didn't have permission?
mfb
right, fortune. i ain't no lawist, or anything, but i'm pretty sure that there aren't any laws on the books about knowing what you're doing. a given action is either legal or illegal; foreknowledge and planning only determines the degree of guilt, not whether or not the action itself is illegal. why is this only legal if you don't know you're doing it? accidentally or not, if you're stealing bandwidth, you're stealing bandwidth, right? doing it on purpose isn't moral, sure, but there's no law against being a jerk.

the rape analogy is not only fairly offensive--or at least emotionally-charged enough to count as being offensive--it's wholly inaccurate. rape inflicts lasting damage. wardriving does not. when you drive off after accepting someone's open invitation to use their bandwidth, they're none the worse for it. at best, they might be inconvencienced while you're on their network, if they're doing something particularly bandwidth-intensive, or if their pipeline is particularly narrow.
hobgoblin
if i hook myself into a neighbours power supply, is it then stealing? or is some other word used?

another problem is that many people set up their wifi point so that others can use it. this confuses the issue as the person with the laptop may think its ok to do this when in fact its just a "clueless" user that didnt secure their wifi gateway.

so a rule of thumb, unless your sure its ok to use a wifi spot, assume that its not. same as with houses and open doors, unless you know for sure (by sign or otherwise) that you can just walk in, knock on the door or ring the doorbell.

basicly, if your not sure, assume the worst nyahnyah.gif
mfb
if your neighbor runs an extension cord out to where your at, no, i wouldn't necessarily call that stealing. a more apt example, though, is if your neighbor got mad at you because he had his radio on and you were listening to it.
Ellery
Wireless communications protocols go something like this:

Router: Hi, I provide wireless access. Hi, I provide wireless access. Hi, ...
Computer: Hi, I'd like to connect.
Router: Okay, you have permission to connect.

or

Router: Hi, I provide ...
Computer: Hi, I'd like to connect.
Router: You need a password to connect. Password, please.
Computer: D'oh.

In the first case, my computer, acting on my behalf, asks your router, acting on your behalf, for permission to connect, and gets it. In the second case, my request for permission is denied.

If people set up hardware that is giving away permission to access their network and they don't mean to be giving away permission, it seems to me that the fault lies with the owner and/or hardware manufacturer, not the person who happens by, asks for permission to use the network, and receives it.

Why am I supposed to ask you in person whether I have permission when I've already asked electronically and gotten permission?
mfb
a better model for WLAN laws than property theft, i think, would be trespassing laws. WLAN access is easier to compare to private property, which can be entered and left with no real harm done, than something which can be stolen. under trespassing law, it's the land owner's responsibility to let people know that he doesn't want people on his land.
Nikoli
But the difference here is, physical trespassing uses signage to stop the potential offender. Putting up signs saying "Open WI-FI Spot, no tresspassing..." is like saying, "Come hack my ass".
Now, if you've got the skills and a wireless system that can handle it, you could potentially redirect any un-sanctioned web surfing to a general page that tells them to bugger off, but the average home user doesn't have the patience, skills, or equipment to handle that.
Your safest bet is to accept sthat someone, if determined can access your wi-fi, so either never put personal or incriminating information on your networked computer or invest some time into PGP in your daily computing routine.
mfb
except that wireless access points come with built-in anti-trespassing tools. instead of signs, all you need to do is require a wireless encryption key, or limit access by MAC address. if someone trespasses on your WLAN despite these precautions--which are, effectively, no-trespassing signs--then they're breaking the law. physically marking the bounds of your WLAN is impractical anyway, since transmission range can vary from moment to moment. therefore, an intelligently-designed law would take into account the fact that in order to trespass on a WLAN in the first place, one would necessarily have the means to 'see' such no-trespassing signs as encryption or MAC exclusions.

and if someone doesn't know how to implement these, they should look it up. the Intarwebs--all of them--have lots and lots of information on the subject.
Nikoli
Someone tried that with hacking a bank computer once. Know that little popup on NT and higher OS's that say basically, if you aren't an authorized yadda, yadda? Those are the no trespassing signs. Apparantly a judge felt that hacking a user name and password wasn't an obvious enough message.
So, no, wep and WPA are not likely to be considered no trespassing signs by judges.
mfb
that's because that judge was an idiot. i'm talking about what the law should be, not what it is. i agree with you on what it is--witness the article that sparked this thread.
Nikoli
Yeah. But we can't just discuss what should be. We have to accept current legal precedents as well. Though the more I hear about law cases, the more I am convinced that judges are poorly qualified for the tasks set befor ethem. Depending on the case, they have to pretend to be an expert in art, literature, computers, technology, networking, accounting, philosophy, scientific methods, epidemiology, and a host of other very specialized fields. Look at some of the stupid judgements in hearing in the past and you'll see what I mean.

I think judges of SR world have it easy with chiped skills.
Rev
Ellery has it exactly right.

Having an unsecured wireless lan isn't like having your front door unlocked, it is like having your front door unlocked and a big sign on the sidewalk saying "you are welcome to come in and use this house".

You could still go into the house and commit a crime, ie by burning it down, or setting up a meth lab but you aren't commiting a crime if you just walk in and watch some tv.

Some people purposefully allow public access to thier wireless networks, now it is the responsibility of anyone who connects to figure out the intentions of the person who is making access freely availible before using it?
mfb
yeah. the current precedents really need to be examined by people who know what the hell they're talking about.
Taki
basically it is too easy to say people don't know how to have a minimum security.
because it should obviously be granted by constructor.

now as forum and sci fi fan I guess sr addict are a bit more informed on security than the average people ...
Eldritch
Heh, My neighbor has a wireless router as well (Open I might add). His radio waves are trespassing on my property...... smile.gif

Now I happen to know wtf I'm doing - I've got my wireless router, wep enabled and somewhat secure formt he casual war driver - or neighbor. But if I didn't know WTF I"m doing, my router is at one end of the house, I'm at the other - closer to my neighbor - and My wireless card detects a net work, I click "Connect' Could be connected to my neighbor. But I don't know what I'm doing, he finds out and calls the police. I'm screwed according to this Fl judge.

Dumb - sorry, yeah it is on the head of the network owner to keep it secure. If I were to log on to my neighbors network, hook up kazaa and download a gazillion songs guess whos IP address gets registered? Guess who gets busted by the RIAA? Yeah, the neighbor. So it's in his best interes to lock it down - for a lot of reasons.
Fortune
QUOTE (Ellery)
If someone takes your car, you don't have it. If someone uses your wireless network, you still have it. Unless you're on a restrictive plan, you have every bit as much of it as you had before. So they're not taking anything from you. That's the point.

As I said before, I was specifically discussing Restricted Access wireless broadband, as it is pretty much all that is available in Australia.
mfb
i think we're talking about very different things. wireless broadband is something you get from a radio tower. you recieve it through a radio unit, which is in turn hooked either directly to your computer or to a router (wireless or wired). if you're stealing that, then you're a) using very expensive equipment, and b) breaking someone's username/password, and probably some encryption. stealing that sort of wireless internet access doesn't really fall under wardriving.

what i'm talking about is a wireless router, that connects to any wireless NIC in range.
Ellery
I think Fortune means monthly-bandwidth-limited. In that case, if you're running up against your limit, you're being a really nice guy by giving me permission when I ask. If you're not feeling that charitable, don't give permission. Pretty simple, neh?
Digital Heroin
On a more Shadowrun-esque note regarding this topic. There have been cases documented in recent months (I'll look it up when I'm not at work) of groups of people trolling around big cities with wireless laptops at the ready in their vehicle. Whenever they get a connection, they mark the building they figure the network is in with a specific grafitti tag. If you know what to look for, you can hitch on to a corporate network fairly easy, especially if they are too lazy to encrypt or even password the network.
SL James
Yes, it's called warchalking. People have been doing it for years.
hobgoblin
lets see i think it was:

)( open
() closed
and (X) or something for secure...
hobgoblin
btw, here is a nice something about hackers and punishment silly.gif

http://arstechnica.com/news.ars/post/20050...50712-5083.html
hyzmarca
QUOTE (Fortune @ Jul 9 2005, 06:56 AM)
QUOTE (Wireknight @ Jul 9 2005, 09:31 PM)
Then don't give it away to every random passer-by.  It's like having a powerful electricity-guzzling air conditioner, and leaving a large window wide open.

I didn't say I was experiencing any problem in that department.

Be that as it may though, implying that it is the owner's fault that bandwidth is being deliberately stolen is like saying that it is a female's fault that she was raped because of what she was wearing.

At the risk of sounding insensivitive, darn right she is. Nothing happens in a vacuum. It takes two people to commit a crime. (Unless it is a victimless crime). While the victim holds no legal or moral culpibility the victim is responsible for putting him or herself in a position where he or she is likely to be victimized.

To put it another way, if a random hypothetical woman hears on the news that a large and prolific gang of serial rapists are targeting women who wear red Bruno Mali shoes it is not wise for her to go out wearing red Bruno Mali shoes. It is not wise at all.

If I had a Wi-fi Network and I chose to leave it unsecure my reason would be that I want to share access with anyone and everyone. As has been said, an unprotected network is an open invitation to geeks and hackers. Usually, it is a friendly invitation.

If I do not want my network to be used I take steps to secure it. The most powerful computers in the world would require centuries to crack a properly constructed password using brute force. Proper password construction is an art. The artist must use all of the tools available. An entire phrase with correct capitalization letters, spaces, and punctuation makes a good password. Most people use crappy passwords.



Edit:I think I have come up with a better answer to the rape analogy. Say a Woman does to a BDSM party. She is told that wearing a red ribbon is a sign that one has a rape fantasy and that everyone should just ignore please to stop unless she uses a safeword. She goes to the party wearing a red ribbon despite the fact that she doesn't want to have sex. When someone tries to fulfill that fantasy that she presents to the crowd by wearing this ribbon she kicks and screams but she doesn't remember to use the safeword.
This hypothitical situation, no matter how unlikely, is a situation where the rape certainly was the woman's fault and in which the rapist is completely innocent. It is also far more like wireless bandwidth theft than any other rape analogy could be.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012