Wi-Fi Freeloader Arrested > What Is A Crime?

reply to Scilicet

Re: What Is A Crime?

reply to knightmb

reply to raccettura

quote:

---

If someone doesn't patch their Windows computer, it gets hacked, and CC #'s stolen....

who is wrong? Isn't that just an invitation to take data? It's the exact same argument, just a different piece of hardware.

In this case, the user of the unpatched computer left a sign on it saying "Here, have my credit card number".

No difference

---

reply to waldoooo
Unless you have that wifi blocking wallpaper it's actually more like parking your car in my yard, with the keys in it.

reply to djrobx

reply to waldoooo

Is the default username and password still securing?

Because that is what you are looking at for the vast majority of unintentionally open APs now... a router configured with a default username and password opening them up to easily bypassing any existing encryption.
--
ISCABBS - the oldest and largest BBS on the Internet
telnet://whip.isca.uiowa.edu
Professional Geographer
Geographic Information Science researcher

I don't think a default open system can be considered secured. From what I can tell the default user name is...well... "default" or something similar and the password is blank when you get the router. Creating some sort of access ID with a password would change all of that and would mean you would have to know the user login and password in order to gain access to the bandwidth.

Once you gain access to a wireless network the first thing to do will be to run a LAN sniffer. You don't need to access the router's administration page to be able to surf the web and such either.

Wireless is insecure, and there are ways to prevent a signal from being picked up or even blocking out users you don't want on your network. All these "come on in!" comments are basically talking about the router broadcasting itself. This can be turned off and from there you will need a passive scanner to detect the access point let alone get it's name before you can even join it. Even yet this is not security, this is simply playing hide and go seek.

Another option will be to use encryption WEP is not secure and be cracked in only minutes to seconds. Most likely I would suggest WAP2 which for now has no known exploits or cracks beside dictionary attacks. Even then it's possible to get in. That's why you begin only allowing the MAC addresses which are able to access the router. Which provides also some level of security.

You might also want to go static instead of DHCP. If you have like 3 computers simply tell the router to allow only 3 IP's. Anything else should have no need to access the network.

Either way wireless has been proven to be insecure and should only be used if monitored by someone who knows what there doing. But most people just plug it in set there computers to connect to "linksys" and the router handles everything from there. The

P.S When I say router I mean it as a wireless router.

reply to djrobx

said by djrobx:


I equate using an open access point for light tasks as someone pulling into my driveway to do a 3 point turn-around real quick. Legally it's probably tresspassing,and it's something one probably shouldn't do, and is not real courteous, but no lasting harm is done so I just tolerate it. No harm no foul.

reply to barnett25
And you getting in the car and driving it around is still illegal.

I can park the damn thing on your front porch with the keys in it and the motor running and you still can't legally enter it, nor can you legally take it for a joy ride.

reply to raccettura
When you say this, it sounds ignorant. I can't stand people who buy a $70++ piece of equipment (router) and don't know the first thing on how to secure it, or what "WiFi" means. If you are dumb enough to leave it wide open, more power to the person "stealing" it. I think it's right, because if that person cared enough about what someone else is doing on their network, they would secure it. END OF STORY. The REAL person they should sue is the router manufacturer, for sending them an "non-locked down" router. If they took a small amount of assembly line time to send each router with a unique default WiFi password, and a quick start guide on how to configure their machine, none of this would happen. Instead of sueing the person "stealing" the connection, why not make a law stating you need a license to use a computer or router. Then people will read the book, understand a little, and get rid of problems like this, or face fines and jail time. People are so "techno-stupid" these days they have no business purchasing stuff like this, yet we keep making all these advances in technology without requiring them to be up to speed.

(Sorry for the rant, but lets look at it this way, if an ISP left the default settings including passwords and usernames, set for their routers, all hell would break lose, and everyone here would say "what idiots". This is no different, it's the users "responsibility" to keep this from happening, it even says so in the manual).

reply to knightmb
Here's a counter argument. If you forget to lock your front door, does that give permission for anyone to take whatever's inside? (Feel free to include your address)

reply to Skippy25

reply to Buchanon Nykad

reply to marigolds
Uh. The difference? You gotta be kidding me. He was probably arrested because in most locations child porn is illegal.

In Va the code is: § 18.2-374.1:1. Possession of child pornography; and is a felony crime. So yeah he was most likely arrested for accessing child porn for personal pleasure which is not a legit purpose at least in the U.S. Because apparently certain people are allowed to view child porn for research.

If you don't understand what you are buying then read a book and get a clue, otherwise don't bother with it. Computers demand a certain know-how & knowledge. If you don't possess it then learn or don't bother. We don't need laws to govern every little damn detail because people don't know how to operate equipment. If that were the case MS should have been out of business long ago because they have grossly neglected the security in every version of windows, with exception to maybe 1.0. You can patch every flaw that currently has a patch and still be vulnerable to an attack. So what? You going to sue MS for negligence? Even with closing up a wifi network if someone really wanted to get in they could. WIFI AS IT IS, IS NOT SECURE! NO MATTER WHAT YOU DO. Its open-air...the whole idea of wifi is insecure.

Now one argument that could be used in the defense, which I'm unsure whether it has been posed or not...

Say I were to have a database that allowed employees to telnet into it, as long as they know the correct IP as it is not advertised on the net. Yet a guest account was left for those employees that forget their passwords. And a non employee was to access the database. That guest account is not saying come one come all and join in. If unauthorized access was still achieved by that non-employee I'm certain that a court would find a case in the favor of the company as its intention was not to allow others outside of the business access the site.

Granted that is somewhat of a poor example.

reply to SRFireside
It is more akin to painting your bike lime green with a spray paint can and leaving it unlocked in the cities that have implemented the bike sharing system and then saying "it was never my intent for my bike to be a communal bike."

(for those who are not familiar with the community bicyle programs, see »www.ibike.org/encouragement/freebike.htm#usa)

Many routers even give you the ability to keep your wifi channels bandwith down and give the system a protected channnel so that your system doesn't grind to a crawl when you choose to participate in such a give away.

reply to phattieg
It is like that in most places to bhe best of my knowledge (don't even get me started on that law), but that is not the point. You still can't take that car for a joy ride just because it is there.