I live in an area of ffx where hi-speed alternatives are very limited. Just discovered that an unsecure net gear connection is available via my network card. Not too savy about such things.... Is ths an access that someone in my neighborhood is paying for? Is it unethical/rude or otherewise wrong to access through this connection?

It's possibly unethical but I don't BELIEVE it is yet illegal in Virginia to access an open point.

Listen, if it's for light surfing I say just do it.

My reaction to these situations is to do the person a favor... I log into the admin console of said router, usually the default admin pass is still in place when security is not in place. After that I just reset the name of the router to something like "This Moron Did Not Secure Their Router" or my other fav "This Router Is Open For Kid Porn Surfing"

I have a very specific opinion about this.

If you can afford internet access and are waiting for it to be set up or something, I think it's OK to ride their wireless access for little things, like checking email or something. Leeching off of them full-time is not cool, as they are paying for it, and excessive use can hamper their bandwidth.

On one hand, it's really easy to lock down your router from unauthorized use from an average user (i.e. one that doesn't know enough about computers to bypass security, which is the bulk of them), so they should have taken this precaution. On the other hand, it's not OK to abuse their lack of expertise.

--------------------------------------------------------------
13 4826 0948 82695 25847. Yes.

I think renaming it to kidpornnet as the ssid is funnier but go ahead and be ethical, mr maniphesto, if that is how you roll.

If you access an open point, can they see your web traffic?

Yes, you can sniff wireless traffic using tools like ethereal. That is crossing the boundary from unethical use of an open router, into an actual crime in my opinion.

Sorry, I wasn't clear. Can they, meaning the person who owns the open point, see web traffic of those who freeload?

Yes, they can. Anyone on a given subnet should be able to see all of the raw data passed through the router, if they sniff in "promiscuous mode". Ethereal works both ways, just like tcp/ip. The only caveat is that you need to be on the same channel as the person you are sniffing.. generally with home routers everyone already is. You also need to be in "monitor mode".

This wiki kinda sucks but has some of the basic info:

http://en.wikipedia.org/wiki/Packet_analyzer

I would be careful using a wireless that someone has left the security wide open. Some hackers do this to read all your internet traffic.

It is perfectly legal for a wireless router owner to read all the traffic and track someone's internet traffic using THEIR router; It is not legal to listen to wireless traffic of others for gain or to make the information public.(ie. Using a wireless sniffer to capture internet traffic on frequencies around you)

I would also add to be careful jumping on open wireless connections at conferences, these are perfect places for hackers.



Edited 2 time(s). Last edit at 07/30/2009 11:11AM by Lurker..

Or change the access password and rename the access point to 500tounlockpwn3dathotmail, at least make a little extra money off it while you are using someone else's bandwidth.

But no, I would not freeload off someone else's connection if I could afford to get my own. I'd be happy to note that it is there in case my own equipment goes bad and I need their connection to get by on until I'm back up and running.



Edited 1 time(s). Last edit at 07/30/2009 11:14AM by pgens.

RESton Peace Wrote:
-------------------------------------------------------
> It's possibly unethical but I don't BELIEVE it is
> yet illegal in Virginia to access an open point.

i believe that it is... it may not be specifically about wifi access points, but i'm sure they could think of something... you're basically stealing cable.

and yes, some people will set it up to get users like you on there and steal info...

i wouldn't order anything w/ creditcard :)



Edited 1 time(s). Last edit at 07/30/2009 11:21AM by bdimag.

Buy an extra wireless, they only cost about $40. Set the security to be wide open. Set the logs to track incoming and outgoing IP's. You can also turn on a sniffer to tsee exactly what the traffic is.

Wala, you can now see what porn your neighbors like and it's totally legal. Enjoy : )



Edited 1 time(s). Last edit at 07/30/2009 11:48AM by Lurker..

bdimag Wrote:
-------------------------------------------------------
> RESton Peace Wrote:
> --------------------------------------------------
> -----
> > It's possibly unethical but I don't BELIEVE it
> is
> > yet illegal in Virginia to access an open
> point.
>
> i believe that it is... it may not be specifically
> about wifi access points, but i'm sure they could
> think of something... you're basically stealing
> cable.
>
> and yes, some people will set it up to get users
> like you on there and steal info...
>
> i wouldn't order anything w/ creditcard :)

I can't disagree that some other non-specific law may cover it. Why chance it, right? I say save it for when you need to do something illegal covertly or harass people on FFXU under multiple names and IP's that can't be traced to you.

RESton Peace Wrote:
-------------------------------------------------------
> I say save it for when you need to do something illegal
> covertly or harass people on FFXU under multiple
> names and IP's that can't be traced to you.


G-d bless you, RP!

With my Dell, if there is a really strong connection, it auto connects pretty fast, normally within 30 seconds. It'd be hard to prosecute that since you didn't log on yourself, and you could just claim that you thought you were getting it off a Dell (or insert your computer's) hotspot.

I love computer vernacular.

What's worse? To be in promiscuous mode or to be a sniffer?

RESton Peace Wrote:
-------------------------------------------------------
> My reaction to these situations is to do the
> person a favor... I log into the admin console of
> said router, usually the default admin pass is
> still in place when security is not in place.
> After that I just reset the name of the router to
> something like "This Moron Did Not Secure Their
> Router" or my other fav "This Router Is Open For
> Kid Porn Surfing"


What a good idea! Time to go wardriving.

If you live in a townhouse or house you should be fine. When h4x0rz try to use wireless hacks they do it in busy areas were alot more people would connect. If a random hacker was doing it at his house the chances of someone connecting are slim. I have 1 open network and i monitor it and have never seen anyone else on it.

bdimag Wrote:
-------------------------------------------------------
> and yes, some people will set it up to get users
> like you on there and steal info...
>
> i wouldn't order anything w/ creditcard :)

oh yeah because nobody uses encryption! -_-

innernetz nowladge fail.


"the wisdom of the wise will perish, the intelligence of the intelligent will vanish."

I don't about Virginia law, but other states have charged people with theft of service. I remember reading about a police officer arresting a woman sitting outside a Starbucks that was using their free wifi. Because she hadn't bought anything from the store, he reasoned she had no right to use the wireless and charged her with theft of service.

Gravis Wrote:
-------------------------------------------------------
> oh yeah because nobody uses encryption! -_-
>
> innernetz nowladge fail.

i meant more along the lines of compromising the computer, not sniffing the packets.


RESton Peace Wrote:
-------------------------------------------------------
> I can't disagree that some other non-specific law
> may cover it. Why chance it, right? I say save
> it for when you need to do something illegal
> covertly or harass people on FFXU under multiple
> names and IP's that can't be traced to you.

this


ffxstoner Wrote:
-------------------------------------------------------
> If you live in a townhouse or house you should be
> fine. When h4x0rz try to use wireless hacks they
> do it in busy areas were alot more people would
> connect. If a random hacker was doing it at his
> house the chances of someone connecting are slim.
> I have 1 open network and i monitor it and have
> never seen anyone else on it.


good point

Theft of service would be the cable law.

You could be charge with a couple other violations of federal laws. Probably the most applicable would be

Federal Law
§ 2701. Unlawful access to stored communications
http://www4.law.cornell.edu/uscode/18/2701.html

old school Wrote:
-------------------------------------------------------
> I live in an area of ffx where hi-speed
> alternatives are very limited. Just discovered
> that an unsecure net gear connection is available
> via my network card. Not too savy about such
> things.... Is ths an access that someone in my
> neighborhood is paying for? Is it unethical/rude
> or otherewise wrong to access through this
> connection?


If this is a Public Network, such as the numerous "Hotspots" you find at Starbucks and likewise locations, then it is perfectly acceptable to access the Internet via such. However, if the Network belongs to a Private Residence, then you should be honest and upstanding enough not to bother with it. I used to have an Open Access WiFi Network in my Home, and sometimes I would find a neighbor or two connected to it through their computer, but more often than not they would disconnect as soon as they learned of the mistake (Through their own observances).

If you aren't intending to create an open hotspot, you should lock it down... that's just common sense.

If someone parks near enough to where you live and starts downloading childpr0n and MP3's, the authorities aren't going to buy the "someone must have glommed onto my connection!" excuse.

The Virginia Computer Crimes Act has a "Theft of Computer Services" provision:

Any person who willfully obtains computer services without authority is guilty of the crime of theft of computer services, which shall be punishable as a Class 1 misdemeanor.

http://www.longwood.edu/infosec/laws.htm


That sounds like it could apply to freeloading/piggybacking on your neighbor's wireless signal, but I'm not sure if any court has so ruled (the law dates to 1984, so I can't imagine the legislature was thinking in terms of wi-fi when they passed it).

About five years ago, I was (unfortunately) running a help desk in DC. One of the VPs had recently moved and all of the wireless networks in their new neighborhood were locked down. The VP couldn't understand why he couldn't get internet access on his laptop anymore and wanted to know how he could subscribe to one of the networks.

Normally I'd just find a misunderstanding like that amusing. But the guy had just returned from a stint as Assistant Secretary of State for International Organization Affairs. I think that makes it a more entertaining story.

pgens Wrote:
-------------------------------------------------------
> If you aren't intending to create an open hotspot,
> you should lock it down... that's just common
> sense.
>
> If someone parks near enough to where you live and
> starts downloading childpr0n and MP3's, the
> authorities aren't going to buy the "someone must
> have glommed onto my connection!" excuse.


If you have the logs, you can prove that someone else did it.

pgens Wrote:
-------------------------------------------------------
> If you aren't intending to create an open hotspot,
> you should lock it down... that's just common
> sense.
>

That, and the fact that many people intentionally leave their wifi open and unsecure specifically to allow anyone to use it would probably make it hard to be found guilty of theft of services.

If a neighbor left it open but did it out of ignorance, and calls the cops on you, it would be easy to explain to the officer that you assumed he was sharing it with anyone in the neighborhood, and that now that you know he wasn't, you will never use it again.


> If someone parks near enough to where you live and
> starts downloading childpr0n and MP3's, the
> authorities aren't going to buy the "someone must
> have glommed onto my connection!" excuse.

That's the real worry. I wouldn't mind sharing my wifi with neighbors who might need it because their connection is down, or whatever, but I really don't want a 4 am raid by the Fairfax County swat team and have all my computers seized because someone decided to post al qaeda videos or download kiddie porn through my wifi connection.

bdimag Wrote:
-------------------------------------------------------
> Gravis Wrote:
> --------------------------------------------------
> > oh yeah because nobody uses encryption! -_-
> >
> > innernetz nowladge fail.
>
> i meant more along the lines of compromising the
> computer, not sniffing the packets.

riiiight because 1337 h4x0rz are all over your neighborhood! if you are going to get hacked, it's not going to be by your neighbor, it's going to be by some jerkoff in china. if you are going to be "compromised," it's going to because you are some dumbfuck that falls for scareware and end up with a rootkit.



pgens Wrote:
-------------------------------------------------------
> If you aren't intending to create an open hotspot,
> you should lock it down... that's just common
> sense.

common sense isnt always logical or correct. you are million times more likely to be attacked by people that arent even on the same continent as you than billy the idiot boy down the street.


> If someone parks near enough to where you live and
> starts downloading childpr0n and MP3's, the
> authorities aren't going to buy the "someone must
> have glommed onto my connection!" excuse.

it happens to soooo many people! oh... actually no, i havent heard of that ever happening.

---

innernetz nowladge failz.


"the wisdom of the wise will perish, the intelligence of the intelligent will vanish."



Edited 1 time(s). Last edit at 08/02/2009 07:03AM by Gravis.

Gravis Wrote:
-------------------------------------------------------
> > If someone parks near enough to where you live and
> > starts downloading childpr0n and MP3's, the
> > authorities aren't going to buy the "someone
> must
> > have glommed onto my connection!" excuse.
>
> it happens to soooo many people! oh... actually
> no, i havent heard of that ever happening.

Google it, several examples were easily findable. Here is one:

http://www.koaa.com/aaaa_top_stories/x1895022538/Convicted-sex-offender-uses-neighbors-wireless-internet-to-download-child-porn

innernetz nowladge failz.



Edited 1 time(s). Last edit at 08/02/2009 07:41PM by pgens.

.
Attachments:

pgens Wrote:
-------------------------------------------------------
> Gravis Wrote:
> --------------------------------------------------
> -----
> > > If someone parks near enough to where you live
> and
> > > starts downloading childpr0n and MP3's, the
> > > authorities aren't going to buy the "someone
> > must
> > > have glommed onto my connection!" excuse.
> >
> > it happens to soooo many people! oh...
> actually
> > no, i havent heard of that ever happening.
>
> Google it, several examples were easily findable.
> Here is one:
>
> http://www.koaa.com/aaaa_top_stories/x1895022538/C
> onvicted-sex-offender-uses-neighbors-wireless-inte
> rnet-to-download-child-porn
>
> innernetz nowladge failz.

umm... the charged the correct person. you still fail.


"the wisdom of the wise will perish, the intelligence of the intelligent will vanish."

The "glomming" happened, which was the point of my note.

pgens Wrote:
-------------------------------------------------------
> The "glomming" happened, which was the point of my
> note.

Quote

> If someone parks near enough to where you live and
> starts downloading childpr0n and MP3's, the
> authorities aren't going to buy the "someone must
> have glommed onto my connection!" excuse.

"the wisdom of the wise will perish, the intelligence of the intelligent will vanish."



Edited 1 time(s). Last edit at 08/03/2009 07:02PM by Gravis.

Whatever, but even if you were right that it has never happened that person A, using an open wireless connection hosted/owned/set up by person B (and unknown to person B) downloads music, pr0n, whatever and person B was blamed or charged criminally with the crime, who would want to be person B and go through the investigative hassle?

Pgens is correct. I don't know why Gravis has such a hard on for making people look stupid, even when he is clearly wrong.

He isn't wrong if no one can find an example, but my point was someone can use your connection for ill and can make your life difficult. Maybe no one has ever been charged wrongfully, dunno. But I'd rather have the cops knocking on the neighbor's door instead of mine, so my connection stays shut.

RESton Peace Wrote:
-------------------------------------------------------
> It's possibly unethical but I don't BELIEVE it is
> yet illegal in Virginia to access an open point.
>
> Listen, if it's for light surfing I say just do
> it.
>
> My reaction to these situations is to do the
> person a favor... I log into the admin console of
> said router, usually the default admin pass is
> still in place when security is not in place.
> After that I just reset the name of the router to
> something like "This Moron Did Not Secure Their
> Router" or my other fav "This Router Is Open For
> Kid Porn Surfing"

Ha ha ha! Nice! I like to keep my neighbors in the dark so when my router craps out, I can steal their connection rather than getting off my fat ass and going to the basement to fix it.

----------------------------------------------------------------------------------
Being vague is almost as fun as that other thing.

pgens Wrote:
-------------------------------------------------------
> He isn't wrong if no one can find an example, but
> my point was someone can use your connection for
> ill and can make your life difficult. Maybe no
> one has ever been charged wrongfully, dunno. But
> I'd rather have the cops knocking on the
> neighbor's door instead of mine, so my connection
> stays shut.


It's like with identity theft. You aren't responsible for any fraudulent charges if someone steals your identity, but it is a serious pain in the ass to work it all out when it happens.

Like I said in an above comment, I don't want to be woken up at 4 am by a swat team kicking down my door and confiscating all of my computers. So I keep my wifi router secured.

As others have said, this is theft of services. Whether you'd get prosecuted or not is unclear.

ObAnecdote: At my sister-in-law's house a few weeks ago, I was turning encryption back on for her network (she'd disabled it to try to resolve a connectivity problem with one machine). There were 5 or so machines connected to her router, but only 3 in the house. One of the mystery machines identified itself as SHERIFF.

And there was a cop car sitting across the street; he'd been there the day before, too. After I enabled WPA and bounced the router, I never saw him again.

Coincidence?

Another Lurker Wrote:
-------------------------------------------------------
> As others have said, this is theft of services.

no, i leave my wifi open for others to use just in case they need it for some reason. i dont see a reason why some shouldnt share their internet service. if you put a throttle on unregistered devices, they cant suck up all your bandwidth. if you dont want to share "just because" then you are just being selfish. really, is sharing that bad?


"the wisdom of the wise will perish, the intelligence of the intelligent will vanish."