• Thanks for stopping by. Logging in to a registered account will remove all generic ads. Please reach out with any questions or concerns.

A Thread About The Legality of Using Others Bandwidth- Renamed From the Original

Status
Not open for further replies.
c_canuk said:
If you child is standing on your doorstep calling out "free cookies", and I come over and say, "may I have one?", and the child says "sure" and gives me one... is it theft of your cookies because you didn't know your child was doing that?

on the other hand if I see your child eating cookies in your yard quietly and pretend to be you, try to Con my way into getting a cookie, or wait till the child's back is turned to get a cookie, that is most definitely theft.

Your example actually proves my case.......since a child cannot offer consent its theft both times.
 
a child cannot offer an adult a cookie?

OK, your legal aged room mate who you have delegated power of attorney over your cookie stash to without setting your terms of service and expectations then. :)

you still are advocating legislating thought control and mind reading into the judiciary process.

 
With the exception of a very few very small bands - the Industrial, Scientific and Medical (ISM) bands - there is no “public” spectrum. All spectrum, save the ISM bands, are allocated (a technical term with a precise legal meaning) to a service (a type of use: Broadcasting, for example, or the Radiolocation (mainly radar) service). Spectrum may then be either assigned (another precise legal term) to one user in one place – usually through a licence, or may be ‘opened’ for general use, usually on a licence exempt (yet another legal term) basis.

The channels you use on your cellular/PCS phone are assigned to Bell or Rogers or one of the other companies. The carrier pays licence fees for the ‘right’ to use that spectrum (specifically to allow it and its paid subscribers to use that spectrum) and it may have had to buy those rights at auction.

Although the licence exempt (LE) spectrum is more ‘open’ it is carefully bound by both technical and procedural rules. Those procedural rules are designed to permit certain types of service under certain conditions. It is difficult, maybe impossible, to:

• Define, in a procedure and with sufficient legal exactness, who may use e.g. a wireless router and for exactly what purpose; and

• Craft technical regulations that make up for the lack of procedural precision.

The intent of the regulations is clear, however: these devices (wireless routers and even higher powered wireless access points) are intended for use in a very confined area: one residence, one coffee shop, etc. It is legal and proper to add a high gain antenna and a range extender to increase the ‘service area’ to include e.g. a very large house or even outbuildings on a property. The government (most governments, as far as I know) have, however, stayed far away from saying that your wireless router is or must be for your exclusive, personal use. The ‘digital commons’ movement has made an effective case that LE spectrum must be flexible to accommodate innovative use.

Let me give you an example: a group of residents (probably Linux/open source folks) in a high-rise decide that it is not sensible for each of them to pay for high-speed Internet access so they form a sort of ’cooperative’ (a collective or even commune, if you like). One member signs up for the best available highest speed service and buys an 802.11n wireless router with a couple of high gain antennas. All members of the commune share the up front capital costs and the monthly service fees. Some members may have to buy a wireless adapter and even a range booster but, eventually, all have quite legal access to the Internet using one ‘wired’ connection and a wireless router.

In (technical) theory the commune could leave its router ‘open’ and, create a ‘campus area network’ of sorts because the high gain antennas extend the signal (at workable levels) both up and down two floors within the building and to one or two other high-rises across the street. Fortunately, for the members of the commune, a lawyer told them that they might have some legal liabilities for some uses of their network and that it would be impractical to limit their liabilities in the way that a commercial organization (Starbucks, for example) can by either limiting coverage to a very confined space and posting public notices (including ‘notices’ on an automatic LAN portal).

They have to adopt another strategy and make ‘free’ access available only to members. In other words they must secure the network and then issue the password only to paying members – which is what universities, for example, do. (The members of the university digital commons do not pay directly – membership is a ‘benefit’ of being on staff or a student, etc.)

They have created a ‘campus area digital commons’ without the normal definition of membership in some defined group – instead they have adopted an “all guns within range” approach. But, in order to avoid the rocks and shoals created by a mishmash of national and international laws and regulations, it is absolutely necessary that the ‘open’ spectrum be used in a PRIVATE manner.

The law is unclear, despite being written with a relatively few, unambiguous words in e.g. the Criminal Code; it is, indeed, a very grey area. But, the intent of the law is clear enough – the owner of the wireless device can be called to answer for its use.* The owner(s) need(s) to adopt some self defence mechanisms aimed at limiting liability. Public notices will do IF they can be seen by everyone within the radio signal’s coverage area. Encryption is the better choice.

”Theft”, I suggest, is not the real issue.



--------------------
* Another caveat: the regulations that allow radio owners to be called to account (maybe in a court) were, originally, designed to control RF interference, but some lawyers suggest that they can be used to fix responsibility for other issues like child pornography, identity theft, etc. Judges will decide that, maybe.

 
c_canuk said:
you still are advocating legislating thought control and mind reading into the judiciary process.

No we are not.  You are grasping at straws.  It is really quite simple to prove in the courts should some one seriously want to do so.  If you were to be arrested, and you laptop confiscated, it is a simple matter of retrieving the data from it to prove whose IP address you have been using.  It is not a shade of grey, it is black and white and recorded in the memory of you laptop.  The very nature of how the memory of your computer is designed, makes the erasing of all data on it next to impossible without totally destroying the device.

No thought control or mind reading involved.  You sit within the range of my WiFi, which is what 25 to 50 meters, with a laptop and it is very suspicious.  You step onto my property to get better reception, and that suspicion intensifies.  The police come and arrest you and confiscate your laptop, and check your most recent IP address and find it to be mine, and guess what?......................You are a thief.  My router is on Private Property, serving my home.  You knowingly abused my trust.

No Thought Control.  No Mind Reading.  No Straws.  Simple deduction of observed events.
 
wow - good arguments and info folks.  Real interesting reading.  Have to admit the arguments presented have made me take another look at this subject and realize it is not so cut and dry as I thought. Still feel it is wrong to piggyback without the owners permission and that it should be illegal but maybe what seemed a clear law is not so clear after all. Would really like to see this one go to court to test it and clear up the case some.

Thank you all for making such informative posts.
 
CountDC said:
... it is wrong to piggyback without the owners permission ...

That's correct, but as Bill Clinton might say, "It all depends upon your definition of 'wrong.'"

But words like 'legal' and 'theft' ought, for now and the next few years, be checked at the door.

There are 'laws' on the books but some of those laws are of dubious value because they have not yet been tested in a court. For a variety of reasons neither crown prosecutors nor the lawyers for the big telecomm carriers have seen fit to bring a case. Some would suggest the prosecutors are just being good managers of the public purse. I disagree: I think they are staying out of court because they doubt they can win and they are duty bound to lay charges only when they believe that there is a good chance of a legal victory. I suspect the big telecomm carriers are avoiding court challenges to the 'digital commons' movement for a similar reason: an untested law on the books is (slightly) better than a law that has been tossed out of court and rendered totally useless, not even fit to be a vague threat. 
 
ERC, you're probably right.  The authorities are likely to avoid prosecution except in cases of blatant maliciousness, and where there is more than adequate proof of the offence.

Wireless router and WAP manufacturers are never going to produce equipment that is set to anything but the lowest security settings by default.  If they were to force people to use higher security settings, they would be inundated with trouble calls and equipment returns because people can't be bothered to familiarize themselves with the security aspects of their equipment.  Let's face it - setting up the security on a wireless router is a PITA; even seasoned IT professionals can think of things they'd rather do than set up a secure wireless network.  But until people start using three tiers of security (disable SSID broadcasting, enable MAC address filtering, and enable WPA2 protocol with long passphrase), other people will continue to misuse their wireless network.  There are lots of resources available on the WWW to learn how to enable security - nobody has any excuse for running an open network unless they intentionally wish to.
 
I was going to throw this post up earlier but the anger management team put the straight jackets on...


since it's re-opened i will put some food for thought up on this directly from the hardware vendor... Pay particular attention to number 4, it's proof the grey is there for debate. And also my reason for stating that the Vendors be the ones who have to change, not anyone else.

This is from linksys's own website on security.

http://www.linksys.com/servlet/Satellite?c=L_Content_C1&childpagename=US%2FLayout&cid=1169671217533&pagename=Linksys%2FCommon%2FVisitorWrapper&lid=1753372680L05

Networking makes it easy to share Internet access and data. But you wouldn't want to share your information with just anyone. With a wireless network, your information is traveling through the airwaves, not physical wires, so anyone within range can "listen in" on your network. Below are five essential security measures you should take to secure your wireless network.


1. Change the default password
For wireless products such as access points and routers, you will be asked for a password when you want to change their settings. These devices have a default password set by the factory. (The Linksys default password is admin). Hackers know these defaults and will try them to access your wireless device and change your network settings. To thwart any unauthorized changes, customize the device's password so it will be hard to guess.
Show me how.

2. Change the default SSID
Your wireless devices have a default SSID (Service Set Identifier) set by the factory. The SSID is the name of your wireless network, and can be up to 32 characters. Linksys wireless products use linksys as the default SSID. Hackers know these defaults and can use them to join your network. Change the network's SSID to something unique, and make sure it doesn't refer to the networking products you use. As an added precaution, be sure to change the SSID on a regular basis, so any hacker who may have figured out your network's SSID in the past will have to figure out the SSID again and again. This will deter future intrusion attempts.
Show me how.

3. Enable WPA Encryption
Encryption allows protection for data that is transmitted over a wireless network. Wired Equivalency Privacy (WEP) and Wi-Fi Protected Access (WPA) offer different levels of security for wireless communication. WPA is considered to be more secure than WEP, because it uses dynamic key encryption. To protect the information as it passes over the airwaves, you should enable the highest level of encryption that is supported by your network equipment. Learn more about WPA.
Show me how.

4. Disable SSID broadcast
By default, most wireless networking devices are set to broadcast the SSID, so anyone can easily join the wireless network with just this information. But hackers will also be able to connect, so unless you're running a public hotspot, it's best to disable SSID broadcast. You may think it is more convenient to broadcast your SSID so that you can click on it to join your network, but you can configure the devices on your network to automatically connect to a specific SSID without broadcasting the SSID from your router.
Show me how.

5. Enable MAC address filtering
Linksys routers give you the ability to enable MAC (Media Access Control) address filtering. The MAC address is a unique series of numbers and letters assigned to every networking device. With MAC address filtering enabled, wireless network access is provided solely for wireless devices with specific MAC addresses. For example, you can specify only the computers in your house to access your wireless network. It would be very difficult for a hacker to access your network using a random MAC address.
Show me how.


 
Snafu-Bar said:
4. Disable SSID broadcast
By default, most wireless networking devices are set to broadcast the SSID, so anyone can easily join the wireless network with just this information. But hackers will also be able to connect, so unless you're running a public hotspot, it's best to disable SSID broadcast. You may think it is more convenient to broadcast your SSID so that you can click on it to join your network, but you can configure the devices on your network to automatically connect to a specific SSID without broadcasting the SSID from your router.

The part in red isn't entirely correct;  a hacker can easily join the wireless network if you're broadcasting SSID and they've cloned your MAC address and you've used an easily-guessed WPA2 passphrase (assuming you're using those security measures, and everyone should be).

No network is 100% secure.  The idea is to implement enough measures to make a hacker choose a lesser-protected network than yours.  Broadcasting your SSID is merely telling your router to scream "HERE I AM, I'M A WIRELESS NETWORK, CONNECT TO ME".  Preventing it from doing that is just one step in making a hacker's life more difficult.
 
Occam said:
The part in red isn't entirely correct;  a hacker can easily join the wireless network if you're broadcasting SSID and they've cloned your MAC address and you've used an easily-guessed WPA2 passphrase (assuming you're using those security measures, and everyone should be).

No network is 100% secure.  The idea is to implement enough measures to make a hacker choose a lesser-protected network than yours.  Broadcasting your SSID is merely telling your router to scream "HERE I AM, I'M A WIRELESS NETWORK, CONNECT TO ME".  Preventing it from doing that is just one step in making a hacker's life more difficult.

They we're merely pointing out to the user that unless they make the change ANYONE including a potential malicious user can connect without any hardships, passwords or hacking involved, and clearly called it HOTSPOTTING.

I was merely pointing out that LINKSYS's own black and white documentation clearly states thier hardware is OPEN for business. If anyone in this debate has a beef it should be with the hardware vendors for allowing it to be packaged insecure and broadcasting openly to your surroundings.

BUYER BEWARE!

Cheers.
 
First it's the account owner's fault for not securing the network, now it's the vendor's fault for making non-secure the default.  Believe what you wish, it is obvious that any attempt to continue this debate is a waste of electrons.
 
George Wallace said:
Pretty much so.

What is next on the program?

Enforced Universal Military Service?   >:D

Is that not the same as the old "Survival Program" mentioned somewhere else?
 
Michael O`Leary said:
First it's the account owner's fault for not securing the network, now it's the vendor's fault for making non-secure the default.   Believe what you wish, it is obvious that any attempt to continue this debate is a waste of electrons.

How true this statement is...

It's common these days to write-off personal accountability for your own actions as someone else's fault/problem.

Sad to see actually.
 
What about One soldier, one kit? is that blaming the victim?

Clearly some have their mind made up and will not debate the point.  If you don't want to debate the issue please don't bring a hostile tone in regards to those that do, just ignore the thread instead of implying that we are wrong and immoral for having a different point of view than you.

I don't think the other points of view think it's right to exploit an unknowing users wifi. We are debating which entity is responsible for securing the WAPs based on conflicting standards, common practices and levels of infrastructure and feasibility of options to prevent exploitation. I don't think anyone is trying to assign primary blame as we all know those that exploit a WiFi connection are the culprits, however we are arguing that other entities share in the liability due to negligence on all sides.

Our position is that your solution has a high probability of being both ineffective and dangerous. We are not interested in who is to blame, we are interested in how to best server all interested parties while at the same time protect those being exploited.

If it very hard to remain polite and keep the discussion within general academic arguments when people come in on their high horse and spout off indignant exclamations on how people these days are all degenerates. Exclamations that add nothing to the conversation I might add.

Can we all take a deep breath, realize we are mostly all on the same side here, and try to understand that we all have different points of view on many different subjects and agree to disagree or at least treat eachother cordially
 
c_canuk said:
What about One soldier, one kit? is that blaming the victim?
...

One modem ... one owner who's paying for it.

It ain't you.

Figure that out. Reverse your words and apply them to yourself. What's so hard about that?

And, word up ... one man leaves his kit sitting out at the canteen and you decide to take it ... guess what the MPs are charging you with?

Someone else owning it does not give you the moral or legal right to take it for your own use at will.

And you're right - I find it very hard to speak civily with those who'd profess to think that my leaving my helmet on my desk and my office door unlocked equates --- "free for the taking by them." A thief is a thief is a thief in my books.

When did this thread become a debate about "whose responsibility it is to secure wifi?"

I pretty much seem to view this thread as a "does an unsecured wifi give someone the right to use it without owner's consent and knowledge?" IE: A thread about the legality of using wifi that you don't own.
 
ArmyVern said:
I pretty much seem to view this thread as a "does an unsecured wifi give someone the right to use it without owner's consent and knowledge?" IE: A thread about the legality of using wifi that you don't own.

That's certainly where it was when this round of debate started (see replies 16 and forward).  It's not been the proponents of the "privately owned network" aspect that have continually introduced the red herrings of internet cafes, responsibilities to secure nets, free-for-use-by-default assumptions, etc.
 
the point is, your helmet doesn't call out "THIS HELMET IS FREE FOR USE" every 5 seconds when you leave it on the table, and there are no helmets intentonaly set that way that you can walk off with that it could be confused with.  - SSID Broadcast

nor is your helmet on a table marked "HELMETS FOR GENERAL USE" - OPEN SPECTRUM.

I'm sure if your helmet went missing and your supervisor found out you had left a label on it saying free helmet for use in a bin of helmets for general use, your position that it was theft would not be taken seriously.

I'm sure if helmets came from the factory like that the first thing that the issuee would be required to do on signing for it would be to remove said label and write their name on it (un checking broadcast SSID and Set Mac Filtering)

nor did anyone say it was right and proper to exploit a router where it was questionable if the user was intentionally leaving it open. the debate was how to solve the problem and you two are getting snotty at us who are discussing an academic argument and implying that we are criminals while ignoring our arguments in favour of resorting to ad hominim attacks that add nothing to prop up your point of view and certainly do tarnish the tone of the conversation and in a small way the reputation of the site.


please by all means defend your point of view, but if you can't argue without the angry bluster you may have to admit either your arguments are lacking in substance or you lack the background information required.

I agree with you, people DO NOT have the right to exploit other's routers, but banning connecting to unsecured WiFi's will not be enforcable in the vast majority of cases, will harm other users of the spectrum and add complications to public hotspots if not destroy them and criminalize those that accidentally connect to other's routers (if I have a router unsecured with the default SSID, and my neighbor has the same, the only way to tell which is which is judging by signal stength when standing next to the router, but that's not even fool proof if there is a cordless phone or other device on that spectrum causing interferance. Move to another room and your cell phone rings there is better than 50% chance it's going to drop for a second and the laptop will connect to the stongest one... better hope it's yours or by your definition your an evil criminal that needs locking up.

There is already an established precedent that routers are not following that solves the problem, the point of laws is to prevent infringements on other's rights, not cast blame so I fail to see the difficulty in requiring venders turn off wireless on the routers by default which solves all issues, rather than yours that doesn't do anything to stop the vast majority of culprits while causing untold harm to the innocent.

prove me wrong that your plan won't criminalize people in my scenario of same SSIDs

prove me wrong that inept users on laptops won't accidentally/unknowingly connect to other inept users routers

Prove me wrong that public WiFi networks won't be affected

Prove me wrong that the guilty won't be caught/detered

prove me wrong that it won't fundementally change how open spectrum is used.

and please stop trolling.   adding comments of no substance that are inflamitory in nature
 
c_canuk said:
I agree with you, people DO NOT have the right to exploit other's routers, but banning connecting to unsecured WiFi's will not be enforcable in the vast majority of cases, will harm other users of the spectrum and add complications to public hotspots if not destroy them and criminalize those that accidentally connect to other's routers (if I have a router unsecured with the default SSID, and my neighbor has the same, the only way to tell which is which is judging by signal stength when standing next to the router, but that's not even fool proof if there is a cordless phone or other device on that spectrum causing interferance. Move to another room and your cell phone rings there is better than 50% chance it's going to drop for a second and the laptop will connect to the stongest one... better hope it's yours or by your definition your an evil criminal that needs locking up.

Who has advocated banning connecting to unsecured routers?

I do believe the distinction between advertised hotspots and private routers has been made clear repeatedly, whay can you not leave that point alone?


c_canuk said:
prove me wrong that your plan won't criminalize people in my scenario of same SSIDs

Who has mentioned the criminalization of the network owners?

c_canuk said:
prove me wrong that inept users on laptops won't accidentally/unknowingly connect to other inept users routers

This has been discussed, and there was no directed intent against unintentional connections. Move on.

c_canuk said:
Prove me wrong that public WiFi networks won't be affected

So you believe that such a distinction cannot be made?  Despite your obvious inability (or unwillingness) to separate the two throughout this discussion?

c_canuk said:
Prove me wrong that the guilty won't be caught/detered

There has been open admission throughout this thread of the difficulties of identification and prosecution.  This has not been a necessary point for continued debate.

c_canuk said:
prove me wrong that it won't fundementally change how open spectrum is used.

How it will be used in a technical sense, or how some people will continue to massage their arguments to excuse their actions in using private networks simply because they are unsecure.

c_canuk said:
and please stop trolling.   adding comments of no substance that are inflamitory in nature

Please stop accusing others of "trolling", and please stop setting up red herring arguments and then trying to debate them instead of the central question.
 
c_canuk said:
and please stop trolling.   adding comments of no substance that are inflamitory in nature

I have to agree with others.  You are the one who should be following this little point of advice.  You have totally wandered off on tangents throughout this discusion.

Are you a thief or not by using access to someone's WiFi?  Yes or No?  It is a simple question.  It has nothing to do with what settings others have their routers set at or where they are.  It is a simple question; "Are you a 'Thief' if you knowingly access someone's private WiFi?"  This has nothing to do with Public, but with someone's personnal WiFi.  Are you a Thief or not by using Other's Bandwidth?
 
Status
Not open for further replies.
Back
Top