jdmax
join:2002-06-25
Minneapolis, MN | reply to G_Poobah
Re: The cluess come out in droves I am getting more and more frustrated with the lack of responsibility that the internet seems to be advocating.
For those who are preaching that responsibility belongs with the owner of the AP for allowing an open access point really are pushing the blame away from where it belongs. Which unfortunately if becoming more commonplace with the younger "everything is somebody's else's problem" generation.
The constant banter about no damages were done because the internet isn't metered (mostly) has little bearing on how the legality of this issue will be determined. The above post about water overflowing onto the sidewalk and somebody using it attempts to illustrate the lack of damages that can be sought.
The problem here is when we add intent and/or expectations into the equation. If the expectations of the homeowner is such that it is not their intent or expectation to openly share their internet access then this takes priority. The assumption in the water example shows the commoditization of water and the expectation of the homeowner is one of indifference.
My guess is that the manufacturers will begin configuring their equipment to match consumer expectations. And I wholeheartedly believe that the expectations and intent of the majority of AP owners is NOT to openly share it with unauthorized passerbys.
On to intent of the AP "unauthorized" user or the person who rolls up in their vehicle, parks outside somebodies house and uses their internet through the unsecured AP.
The above post states that "it's not MY responsibility as a laptop owner to prevent my device from talking to your device which is shouting 'talk to me! use me! I don't authenticate!" This much is true. But it is that users responsibility to disconnect or at least not use that AP unless they have determined that the intent of the owner is to allow free access. Anybody smart enough to sit outside somebodies house and search for open AP's knows that they are accessing somebody else's internet access.
How many of these people would go knock on the door and ask the owner of the AP if it was ok to use their connection? Not too many I would bet. If they were so sure that the owners intent was to openly share their AP then this shouldn't be a big problem. But the chicken scat's prefer to hide out in their car justifying it to themselves by saying, no damages, no problem and if it the owner didn't want to share their internet access they wouldn't have an open AP.
This is where the intent of the person using the open AP comes into play. Their intent is to use somebody's internet connection for their own use without confirming the owner's intent. And if the intent, irregardless of actual damages, is to use something that you do not pay for then that person is in the wrong. No matter how they may want to put the blame back on the other person for not securing it.
Unfortunately there is a disconnect between technology (shipped open AP's) and consumer intent. New technology always causes these types of discussions and problems. I'm sure cars didn't come with keys until people started stealing them. And I can hear the same lame excuses, "if they didn't want their car stolen they would have locked it up."
The whole situation is actually a pretty sad commentary on this society.
Hopefully the manufacturers will correct the problem by somehow shipping the AP with security on and making the AP open a conscious act by the consumer. This would be the responsible thing to do by the manufacturers. Until then the law and any new laws will sort it out.
And personally, I hope they throw the book at that person and make an example out of him. Throw him in the same cell with all the spammers and malware authors. It's too bad that even if they tossed the book at him and gave whatever maximum sentence is possible that it would not be enough to change the thinking of those that believe "If you don't want me to steal it, you should lock it up."
|
Reviews:
 ·AT&T U-Verse
 ·Comcast
| Ok, I'll counter the first part of your message here.
I ran a wireless AP up until today when the wireless card in the one computer that was using it died and I decided it would be better to run a cable to that location rather than buying a new wireless card. After all, it was only 17 feet away and I have numerous ethernet cards laying about and a 20 foot cable in a box sitting right there. Free fix. So I disabled the wifi. Doesn't get any more secure than that.
During the year that I had the AP active I did not bother with WEP, MAC filtering (on the AP side, i used MAC filtering on the ethernet side because my firewall is configured to allow greater access to my LAN from the ethernet and I don't want some arse plugging in to one of my outside CAT-5 jacks and getting into where I don't want him), I DID turn off DHCP, and that was the only security measure I took.
If someone wanted to connect and was able to figure out what IP range I was using, my DNS server and gateway addresses, then they were more than welcome to the 1mbit of shared wireless bandwidth I allowed (wit the 56k upstream my packet shaping would allow them). I have 4mbit downstream and 384k upstream so it is unlikely that I would notice during normal browsing. No big.
Now, if someone were to clone a MAC addredd from one of my ethernet-connected systems and plug into one of my outside CAT-5 ports and do the same, possibly gaining access to other systems on that segment of my LAN, then i'd have an issue. Then I may consider taking precautions such as using DHCP to lock a specific MAC address to a specific IP address and to allow it to only assign those addresses that I plan to use.
Even that's not a perfect option, but at least then it's not like I'm leaving it wide open.
Anyway, if someone accesses my AP from off my property, that's my fault because I left it open, on purpose, to allow them access. If they set foot on my property with that intent (or to plug in to my ethernet) without my permission, that is trespassing. They would foot the blame for that.
Now, if I set up an ethernet jack on the side of the road, then the blame would again fall on me. Until they set foot on my property or begin trying to crack passwords or clone MAC addresses.
It's not cut-and-dry, he accessed your AP it's his fault or you left it open it's your fault. How, when, and where come into play. Why also plays a part.
Of course, then i read the rest of your message and I'm simply too lazt to change what I wrote. No need to, really, as it still sheds some light on the situation. |
