http://news.yahoo.com/news?tmpl=story&u=/ap/20050707/ap_on_hi_te/techbits_wi_fi_theft_1
ST. PETERSBURG, Fla. - Police have arrested a man for using someone else's wireless Internet network in one of the first criminal cases involving this fairly common practice.

Richard, I will state the obvious-

If this guy hacked through the homeowner's security, i.e. the homeowner had set the encryption key or made reasonable attempt to protect his wireless network with supplied security measures, even minimal ones, the hacker needs to be held on the criminal charge and found guilty. However, if the homeowner broadcast his network for anyone to easily obtain an IP and login without any stoppage by the homeowner's network, then it is not wrong and the hacker should be released and charges dropped.

All these wireless networks are sold with warnings about security. The homeowner has a requirement to implement these measures. If he leaves his personal belongings and valuables in the street outside his house unsecured, say a hundred $$ in cash, It is not stealing if someone comes along and takes it.

Having a PDA with wifi, I often pass through neighborhoods and the PDA will automatically log in to homeowner's networks if they have DHCP set and do not use encryption. Funny, but most of these also use an SSID of "Linksys" or no SSID. From my perspective, there is no way to tell where that signal and network is located. It is just a hundred dollars left in the street for anyone to take as their own!

If the guy was not hacking security then I hope he has a good knowledgeable lawyer who can understand and explain to the court the guy didn't "steal" anything.

However, if the homeowner broadcast his network for anyone to easily obtain an IP and login without any stoppage by the homeowner's network, then it is not wrong and the hacker should be released and charges dropped.



Oh I get it. If I leave my keys in the car in my drive way then anyone has the right to come take it for a spin. Thanks for the clarification. :rolleyes:

Oh I get it. If I leave my keys in the car in my drive way then anyone has the right to come take it for a spin. Thanks for the clarification. :rolleyes:Perhaps a better analysis would be to get arrested for watching an OTA TV signal. The data stream is out there, not password protected, not encrypted, the owner of the data may have no reasonable expectation that others will not view / utilize that data stream.

Oh I get it. If I leave my keys in the car in my drive way then anyone has the right to come take it for a spin. Thanks for the clarification. :rolleyes:

so if you park your car in my livingroom I not expected to do something with/about it? I get about 3 different unencrypted WiFi signals in my place and you are telling my I can't use them?

This is the same thing that happened with sat. TV back in the day. People were getting it for free before it was being encrypted. It was ruled that that practice was totally legal.

For the record, I don't use my neighbors WiFi. I use my own since it is encrypted.

http://news.yahoo.com/news?tmpl=story&u=/ap/20050707/ap_on_hi_te/techbits_wi_fi_theft_1

They did a bit on the news a week or two ago about people not having their WiFi networks secured. It was kinda funny becuase of some of the things they said (were wrong). They did make a point that you can get in trouble if someone uses your network to do something illegal (spam, porn, etc.).

WiFi networks broadcast themselves and make themselves known as well. If you don't have it secured, in essense you are asking folks to use your network.

Obviously this case the culprit is doing something very suspicious (sitting in a car outside a house), but if this were in a city, who is to know if the wifi network you are joining isn't public use or someone's apartment?

Oh I get it. If I leave my keys in the car in my drive way then anyone has the right to come take it for a spin. Thanks for the clarification. :rolleyes:

Wrong! You don't get it! Your car is a licensed vehicle and you own the title to it. Cash money is not licensed to you and neither is the RF signal that is broadcast from a wifi router that also is not secure.
What you need to get is that a person has a responsibility to be reasonably prudent to protect his negotiable property.

Buy a car, never register it, never license it. Drive it out on the street and abandon it with the keys in it. I come along and claim it as mine and register it in the state! Guess who will lose the car? Vurbano- You are usually smarter than that! Some people I would expect a rebuttal like you posted but not from you!

Additionally, the Geneva convention and the FCC regulations permit one to receive any unencrypted and open access RF signal they want to without restriction or license. That is true whether the transmission is licensed or not. In this federal and international law alone the case should be tossed if the homeowner failed to encrypt his network wifi.

In Omaha as I was getting my wireless network setup, I noticed that I seemed to have an extra "linksys" signal available. I realized that it was my neighbor. When I was in my bedroom his AP was closer than mine. The computer would sometimes automatically lock onto his signal. When I realized what was happening, I made sure my names were specific and my system was encrypted. Right now I am still getting my system set up so that I can pick up my network next door in my church office. (With all the concrete block walls and steel it is more of a hassle than I had hoped.) Right now I have no encryption on, to make it easier to get the repeaters programmed. So far, I have not picked up another network in the neighborhood. Between the church, a large open lot the church owns, and some elderly neighbors I don't seem to have much competition.

But, to go back to my first example, when my computer automatically connected to the best available unencrypted signal, that didn't happen to be mine, was I stealing?

"Obviously this case the culprit is doing something very suspicious (sitting in a car outside a house),"

DannyR- I recall doing just that. I stopped on a residential street and needed to get directions to a location. I grabbed my PDA and loggerd onto one of many open access wifi's I saw in my list. Did a quick search for the address and then brought up Mapquest too. I guess that made me a suspect of something in your mind. In this case the devil is in the details. But we should not jump to conclusions until the facts are all present. There is nothing obvious in what this guy did other than being an opportunist on a service the homeowner was freely giving away.

"But, to go back to my first example, when my computer automatically connected to the best available unencrypted signal, that didn't happen to be mine, was I stealing?"

If your conscious says you were, just ask Jesus for forgiveness of your sin and all will be well. But don't worry about man's laws.

Oh yes, a warning about your religion, If you do ask Jesus to forgive you he may ask you to make an act of contrition (or was that the Catholic dogma) and go pay that neighbor some restitution for your theft. Don't think Jesus will just let you off for saying "I'm sorry" Are you sorry you asked? :)

.............Additionally, the Geneva convention and the FCC regulations permit one to receive any unencrypted and open access RF signal they want to without restriction or license. That is true whether the transmission is licensed or not. In this federal and international law alone the case should be tossed if the homeowner failed to encrypt his network wifi.
I believe it's the FCC act of 1934 that makes receiving ANY broadcast RF signal in the US perfectly legal. It's what allows the use of radar detectors sans D.C. and Virginia. After all police radar is nothing but a radio signal and a radar detector is nothing but a radio receiver. Conversely the people broadcasting the signal have every right to secure it.

I have seen new reports where reporters drive around with a "computer expert" and sit in front of houses and log onto unsecured networks to demonstrate to the public. They should all be jailed. There is video evidence of these horrible crimes that was broadcast on the evening news.

If the guy didn't break through some type of encryption then he be exonerated.

horrible crimes?

"It's what allows the use of radar detectors sans D.C. and Virginia. After all police radar is nothing but a radio signal and a radar detector is nothing but a radio receiver."

Yes, and I know that. Also, include Connecticut. The conflict in the law is that those states claim their right of restriction is "in vehicle" use. Radar detectors are not illegal to have and use in those states except in a licensed vehicle. There are many lawful restrictions that are in effect when you associate them with a licensed vehicle. I do a lot of work in Virginia and I once discussed this with an attorney in Richmond at some length so I could get a good grasp of both sides of the issue. If you don't live in that state then you may not be aware of how bad the consequences are for using a radar detector and getting caught. Take my word for it, you don't want to get caught if the cop is in a bad mood!

.........I do a lot of work in Virginia and I once discussed this with an attorney in Richmond at some length so I could get a good grasp of both sides of the issue. If you don't live in that state then you may not be aware of how bad the consequences are for using a radar detector and getting caught. Take my word for it, you don't want to get caught if the cop is in a bad mood!
Yep, I drove through VA a few years ago and it seems I remember signs near the state lines warning that radar detectors were illegal. In Texas they are illegal in commercial vehicles like 18 wheelers. However, these state laws usurp the federal law allowing their use. If someone had the time and money they could probably get these laws overturned. I've had a radar detector since the 1970's. The one I have now detects 6 radar bands and three wavelengths of lasers. It has saved my butt dozens and dozens of times.

Back to topic - The short article didn't mention whether the guy hacked through encryption. IF he did then he should be charged. IF he didn't then he should be let go and the homeowener charged with being an idiot. ;)

the homeowener charged with being an idiot. ;)

Could you imagine? The courts/jails would be full! :lol:

Yes, and I know that. Also, include Connecticut. Radar Detectors have been legal here for about 7 years now (if not longer)

Before i got my Treo 650 it would not be uncommon when I was out to need to use my laptop and needed net access, it never took me any time to drive into any neihborhood until I had myself a free broadband connection. I was able to get my email or directions I needed and was on my way.

Next thing you are going to see is the banning of these keychain Wifi finders.

I think this is stupid.

Scott- There are still some signs up down near NYC area that warn about the RD's.

Lock me up and throw away the key, I'm guilty as sin. I jump on wireless networks all the time, before I did a hard reset on my PDA, I had a list of upwards of about 70 different WLANs (not including ADHOC WLANS) I connected to since I got the thing in December. Nearly every time I go to a restaurant, after my order is taken I take out my PDA and see what I get and most of the time I do get a connection with the SSID of Wlan, Linksys or Netgear. Now what I do is I use the Mobile XMStreamer and actually listen to XM via internet streaming with my PDA and outputting it to a pair of headphones. I check my email, browse here and other sites like Yahoo News and such. One time when I was going to a friend of mines house for the first time, I pulled in at a diner turned on my PDA had access to the 'Chang Family' network, went to MapQuest and got directions.

Legal? Ethical? I really don't care honestly. I’m just surfing, not downloading anything, or browsing through shared folders. Not saying I wouldn't do that, but on a PDA there is no equivalent of My Network Places (or at least that I know about) you have to type in the full UNC path to get to a shared file.

My wireless network is unsecured. Living in a rural wasteland I have 5 neighbors, 2 of them don’t own computers, one of them (my Uncle) is on AOL dial up. My end of the street doesn’t get much traffic. Besides my wireless signal barley reaches to the end of drive way. There is only one house that could pick up my signal realistically and they don’t own a computer.

"But, to go back to my first example, when my computer automatically connected to the best available unencrypted signal, that didn't happen to be mine, was I stealing?"

If your conscious says you were, just ask Jesus for forgiveness of your sin and all will be well. But don't worry about man's laws.

Oh yes, a warning about your religion, If you do ask Jesus to forgive you he may ask you to make an act of contrition (or was that the Catholic dogma) and go pay that neighbor some restitution for your theft. Don't think Jesus will just let you off for saying "I'm sorry" Are you sorry you asked? :)
I did better than paying him restitution. I told him he should encrypt his open system, and suggested a few other precautions he should take.

Nearly every time I go to a restaurant, after my order is taken I take out my PDA and see what I get and most of the time I do get a connection with the SSID of Wlan, Linksys or Netgear.

FYI - don't do this on a date/with the GF/with the wife. :D

I agree with Don. It's really a non-issue. When the SSID is broadcast, it's an invitation to use the network.

Having said that, though, I think the router manufacturers should change the default setting to "not broadcast" the ID. Sort of like changing the default when you're leaving the car from "don't lock the doors" to "lock the doors." Let those who want to operate an open network actively choose that option.

My wireless router is about 6 feet from my notebook, yet I still sometimes "see" neighboring network choices. I convinced my nearest (about 150') neighbor to stop broadcasting, so what I'm seeing is coming from farther away than that!

My neighbor's LaserJet 6 keeps appearing on my network!

Last weekend I was in LA, we were in Denny's having breakfast and I had my notebook open, up popped the wireless network configurator and politely asked if I would like to connect to any of the three totally unsecured wirelesss networks it had found.

So we connected to one, surfed the net, and my friends laughed when I complained that I must have found the slowest unsecured network in the west coast. I didn't break into anything, it was wide open.

BTW no one has yet managed to get into my own wireless network.

BTW no one has yet managed to get into my own wireless network.Just curious... How would/could you know that?

I know just enough about wireless to make mine work with encryption and MAC address filtering, but I've often wondered how I would know if someone actually penetrated my defenses and didn't do anything destructive.

Just curious... How would/could you know that?

I know just enough about wireless to make mine work with encryption and MAC address filtering, but I've often wondered how I would know if someone actually penetrated my defenses and didn't do anything destructive.

I check my router logs.

I was just going to post that. :) I usually check my log once a month if I remember. So far in nearly a year on my unsecured wireless network, 4 MAC addresses have been logged by my router, my 2 PCs, PDA and wireless print server.

The one step I did take to somewhat secure my connection, besides not broadcasting the SSID and changing the default password/username on the config page was setting my router to G only, but after I got my PDA I had to go back to B/G.

I just got back from a brand new restaurant/sports bar in town. I noticed they had a sign by the main entrance the said something like "wireless high speed internet friendly". I know these places have been around for a while but it's the first time I've seen a sign for it. Heck, it might even help their business.

The more I think about it, the sillier I think this case is. I'd really ike to know how it turns out. :)

More and more hotels are putting in various forms of wifi and wired highspeed internet to attract thr business traveler. Last month I discovered a Howard Johnsons, in the stick/swamp lands of Florida. It was a modern day oasis. The dining room had one of those wifi friendly signs and the hotel rooms Priced at $60 a night had wired ethernet with no surcharges, just hook up and log on. I will be needing to travel into that region more and more with my business so they will certainly get repeat from me! I asked at the desk and was told that Howard Johnsons around the nation are installing these to improve their business traffic. In the past I always found room ethernet service was only for $150+ a night rooms.

I just got back from a brand new restaurant/sports bar in town. I noticed they had a sign by the main entrance the said something like "wireless high speed internet friendly". I know these places have been around for a while but it's the first time I've seen a sign for it. Heck, it might even help their business.

The more I think about it, the sillier I think this case is. I'd really ike to know how it turns out. :)

I'm surprised I haven't seen anything at McDonalds advertising their WayPort connections. Every McDonalds I've been to since I got my PDA has Wifi, but I believe it costs $3 for two hours or something like that. As soon as you launch IE you get redirected to the Buy Time page. But what's the point. Out of the 5 Micky Ds I circulate, at 4 of them I can also pick up an unsecured connection and surf for free. I’ve see WiFi hot spot signs at a few truck stops off of the NYS Thruway and the restaurant where my moms cousins 60th Birthday Party was held had free access but I didn’t see it advertised anywhere.

While advertising that a bar/restaurant is a hot spot would make me think twice about which place to stop into, there are so many unsecured connections out there it’s a moot point for me.

I just got back from a brand new restaurant/sports bar in town. I noticed they had a sign by the main entrance the said something like "wireless high speed internet friendly". I know these places have been around for a while but it's the first time I've seen a sign for it. Heck, it might even help their business. An article I read recently (don't remember where) mentioned that some coffee-shop businesses are beginning to do away with or charge for access. They're finding that too many people order a drink and then park in their stores for hours. Meanwhile, other paying customers can't have a seat. Access brings the notebook users in, but unfortunately it keeps them there, too. Considerate users will place another order, of course, but the store owners aren't finding enough such customers.

I check my router logs.Thanks for the reply. I probably should have known there would be a log...

Thanks for the reply. I probably should have known there would be a log...

I learned something tonight about how vulnerable my wi fi might be. Can anyone advise me how I can check my log? I have Linksys WRT54G router....

Many thanks, Doug

Here in Portland, there are many, many free, open WiFi "hotspots" run by volunteers and businesses. I think that anyone who doesn't lock down a WiFi access point should be considered as providing a free service.

In Texas they are installing w-fi at the all the state parks and some roadside rest areas. Cool! :)

In Texas they are installing w-fi at the all the state parks and some roadside rest areas. Cool! :)

One of the cities in Tx is installing WiFi all around the down town or something. I know Baton Rouge, LA has a large area of WiFi downtown.

Downtown area - from North Street south to the Mississippi River Bridge, and from the Old State Capitol area of River Road to as far east as Russell B. Long Federal Courthouse - free access offers limited bandwidth speed and no VPN.

Free WiFi site (http://www.wififreespot.com/)

I have my Wi-Fi to work with any available system in range. I really don't go into the setting to see which one I'm using. If I'm out and about and I lose service. It notifies me if I need to log on with a security pass word. If anyone illegally accesses by hacking, they should be punished. If a person is stupid enough to allow unrestricted access then they are just nice & generous or just plain stupid. If the authorities are involved, it was a hack job. Case closed.

Iowa rest stops are all equipped with free access. We have one community in Iowa that is the test for providing access all through the business section. My town is one that is part of a group of communities exploring the possibilities. Of course the cable and telephone companies are protesting furiously.

My broadband carrier specifically does not sell DSL Modems/Gateways with wireless capability because of how people don't lock down the access. I ended up purchasing my own gateway for Internet access.

The main reason why I have wireless access at home is so that my mother's computer (which is located in another room) could use the broadband, and I didn't want to run a network cable. For the first three days, my access point was wide open until I could find time to lock it down. During that time, no freeloaders.

Then, I tightened the screws. First thing: Turn off SSID broadcasting. Reasoning: If I don't advertise my presence, I won't get freeloaders.

Second thing: Switch on 11g wireless only. If I read the specs correctly, 11g has a shorter range than 11b. This still covers the entire house.

Third thing: MAC address filtering. Only three MAC addresses are allowed on my network: My moms PC, my laptop, and a friend's laptop. Everyone else gets "no access". It's very hard, but not impossible, to fake a MAC address.

And, yes, I changed the SSID from my manufacturers name to another name. :)

It is my opinion that if you make your access point hard enough, most people will move on.

The only restaurant that I know of that offers free wireless Internet is Brookfields. Pretty good food. Also, California State University allows unlimited wireless access with a student login and password. And, some cruise ships (for a price) will allow you to use a laptop to hook up to the Internet.

Of course, it's interesting that where I am sitting at work right now, there is a wide-open Internet access point that is easily accessable. :(

"Turn off SSID broadcasting. Reasoning: If I don't advertise my presence, I won't get freeloaders."

Let me offer another opinion-
Turning off SSID, I don't believe offers you any protection. I see them still popup on my IPAQ with no name listed. Static IP, WEP or similar, and Mac filtering will get you some protection from the casual WiFi road warrior. If you need anything more than that because you are trying to protect some highly sensitive stuff, then you are better off isolating that sensitive stuff from the outside world. My opinion is if someone really wants to get into your system bad enough they will. The concept here is to prevent people like me from piggybacking on your bandwidth because you left it wide open and inviting. I don't have any idea how to hack passwords and WEP and don't care to learn. For me, I simply move on and either find another open access point or allow my IPAQ to log into GPRS.

The issue of government run WAP's otherwise known as taxpayer supported WAP's is that the government may decided to form their own monopoly and go into the ISP business for it's community. Then force the current ISP's out of business. I have mixed feelings about this but I tend to side with business and then have the government regulate the service much like they do TV, Power, and other communications. The biggest fear is the Government decides to tax the bandwidth. So far Congress has a moratorium on this but for how long?

"Then, I tightened the screws. First thing: Turn off SSID broadcasting. Reasoning: If I don't advertise my presence, I won't get freeloaders.

Second thing: Switch on 11g wireless only. If I read the specs correctly, 11g has a shorter range than 11b. This still covers the entire house.

Third thing: MAC address filtering. Only three MAC addresses are allowed on my network: My moms PC, my laptop, and a friend's laptop. Everyone else gets "no access". It's very hard, but not impossible, to fake a MAC address."

None of that will take more than a couple seconds to crack :) SSIDs are easily discovered, broadcast or not and 11g has the same range as 11b :) It just means you can't add an 11b device...

The MAC filter is the only security you really have, and it's very simple. Personally, that's all I use... I find it adequate IMHO since I'm not too worried... as long as my network is harder to access than my neighbor's :)

The MAC filter is the only security you really have, and it's very simple. Personally, that's all I use... I find it adequate IMHO since I'm not too worried... as long as my network is harder to access than my neighbor's

Ditto...

"Turn off SSID broadcasting. Reasoning: If I don't advertise my presence, I won't get freeloaders."

Let me offer another opinion-
Turning off SSID, I don't believe offers you any protection. I see them still popup on my IPAQ with no name listed.

yep, I get a row of blocks instead of a name.

The issue of government run WAP's otherwise known as taxpayer supported WAP's is that the government may decided to form their own monopoly and go into the ISP business for it's community. Then force the current ISP's out of business. I have mixed feelings about this but I tend to side with business and then have the government regulate the service much like they do TV, Power, and other communications. The biggest fear is the Government decides to tax the bandwidth. So far Congress has a moratorium on this but for how long?
The issue from the standpoint of small towns, mine in particular, is that the cable co. currently has a monopoly. No DSL available. Unless you want to try a satelite based service, which is not really competitive, you have one choice. Municipalities are looking at providing competition. The cable companies of course don't want competition. Personally, I think just the threat of competition can only be a good thing.

Bogy- No problem with service coming from the government if they choose to operate like a business but if they decide to use tax money to compete with business then this would be unfair as it would force a business and consumers to pay for something that they don't want. Of course this is the same as public vs. private schools and school taxes too. There is no real goos one solution fits all but in a small market such as yours, there is no competition for the one vendor you currently have because it is essentailly not a good business environment due to the size of the market. In a city like Jacksonville, we have a number of competitive options for internet service, not counting the sat. DBS which I agree is not price competitive at all. In addition to dealing with the cable company, you can buy your "cable" ISP from other vendors as well. My assistant hates dealing with Comcast, so, he buys the cable service from Mindspring and feels better even though it's still cable. We also have "Clearwire" which is an RF wireless service. T-Mobile and Verizon have also entered the picture locally and I believe Sprint and Cingular as well but T-Mobile is the only one that is competitive with cable, DSL, and Clearwire. Bottom line, larger communities often have many options. But, like in Philadelphia, those options exist as well and then the government steps in and puts them all out of business with a taxpaid "utility" for all. It's hard to say if the cost is better or worse. What about business connections that now have no economical ISP and have to rely on the government high speed service. Can they supply that competitively? Worse, is if the government decides it's service is not working from a sales viewpoint and decides to outlaw the ISP's to force everyone to use the government service. I suppose this is my biggest fear that will happen.

FYI - don't do this on a date/with the GF/with the wife. :D
Actually - with my neighbors that would be a GOOD thing.

They're hams and their house is COVERED with antennas. :)

I think the router manufacturers should change the default setting to "not broadcast" the ID.For several deep technical reasons, that doesn't really make any difference.

There are programs out there that can find networks that don't broadcast their SSID. Kizmit and Net Stumbler being the two I heard about.