Protocol for using others' network???

Archived from groups: alt.internet.wireless (More info?)

I am vacationing in a resort condo where there are rental units and
also fulltime residents. Today I fired up my laptop with every intent
of hooking up my remote dialup access, and I found that I was
connected to a wireless broadband network. Upon checking I found that
I am receiving signals from four such networks -- three of which are
unsecured. What is the protocol for using such access? Does my use
in any compromise the owner? My thought is that if they objected to
others' use they would simply secure the account. However, I want to
do the right thing and not piss anyone off so I'd appreciate any
guidance. I do have a network at home and specified that it be
installed secure.

_______________________________________________________________________________
Posted Via Uncensored-News.Com - Accounts Starting At $6.95 - http://www.uncensored-news.com
<><><><><><><> The Worlds Uncensored News Source <><><><><><><><>
42 answers Last reply
More about protocol others network
  1. Archived from groups: alt.internet.wireless (More info?)

    SBN wrote:
    > I am vacationing in a resort condo where there are rental units and
    > also fulltime residents. Today I fired up my laptop with every intent
    > of hooking up my remote dialup access, and I found that I was
    > connected to a wireless broadband network. Upon checking I found that
    > I am receiving signals from four such networks -- three of which are
    > unsecured. What is the protocol for using such access? Does my use
    > in any compromise the owner? My thought is that if they objected to
    > others' use they would simply secure the account. However, I want to
    > do the right thing and not piss anyone off so I'd appreciate any
    > guidance. I do have a network at home and specified that it be
    > installed secure.
    >
    > _______________________________________________________________________________
    > Posted Via Uncensored-News.Com - Accounts Starting At $6.95 -
    > http://www.uncensored-news.com <><><><><><><> The
    > Worlds Uncensored News Source <><><><><><><><>

    When people buy Wap/Routers, to increase sales, they are sold with
    absolutely *NO* security and wide open. (sales went up 78% when they started
    selling them wide open).
    Current legislation makes it illegal for THEM (unless they have a biz
    account and can have multiple users), but not for you to use it.
    If you want to be a nice guy, offer to set it up with security for them, and
    add yourself as an authorized user. That would probably be a win-win.
  2. Archived from groups: alt.internet.wireless (More info?)

    On Sat, 1 Jan 2005 19:36:44 -0800, "Peter Pan"
    <Marcs1102NOSPAM@HotmailNOSPAM.com> wrote:

    >When people buy Wap/Routers, to increase sales, they are sold with
    >absolutely *NO* security and wide open. (sales went up 78% when they started
    >selling them wide open).

    Surely you jest. At no time were wireless routers ever sold secure by
    default. In order to do that, the router would have to have:
    1. The wireless portion temporarily disabled.
    2. Ask for a router password on initialization.
    3. Ask for an SSID on initialization.
    4. Ask for a WEP type and WEP key on initialization.
    5. Disable UPnP by default.
    6. Close all port redirection, DMZ host, and port triggering by
    default.
    7. Whatever else I forgot to nail down.
    Basically, EVERYTHING needs to be turned off by default, and enabled
    or configured during the initial setup. No cheapo router manufacturer
    has ever done that. Some routers would ask for a router password
    during the initial setup wizard, but it could be bypassed by using a
    blank password.

    The closest approximation to secure out of the box were the 2-wire
    wireless routers shipped by various ISP's. These arrive from the ISP
    with the router password, SSID, and WEP key pre-configured and
    plastered on a label on the bottom of the router. This is good.

    The only concession to security that I've seen on wireless routers is
    Linksys finally deciding that turning on UPnP by default was a bad
    idea. Current firmware defaults to off. Woooopie.

    All the manufacturers make wireless configuration difficult by
    splattering wireless settings onto at least 3 different menu pages and
    burying WEP key configuration under 2-3 layers of "advanced" menus.
    Superficially, one might suspect that users aren't suppose to play in
    the "advanced" settings. So much for wireless security.

    Where did you get the 78% increase in sales (over what period, what
    product line, dollars or units, using who's numbers, as reported
    where, etc...)? Sales statistics are so much fun.

    >Current legislation makes it illegal for THEM (unless they have a biz
    >account and can have multiple users), but not for you to use it.
    >If you want to be a nice guy, offer to set it up with security for them, and
    >add yourself as an authorized user. That would probably be a win-win.

    First, you'll have to explain what security means, why they need to be
    secure, what they have to do to stay secure, what will happen if they
    continue to run an unsecured system, wireless sniffing, wardriving,
    router firmware updates, and such. Best of luck.


    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 AE6KS 831-336-2558
  3. Archived from groups: alt.internet.wireless (More info?)

    Jeff Liebermann wrote:
    > On Sat, 1 Jan 2005 19:36:44 -0800, "Peter Pan"
    > <Marcs1102NOSPAM@HotmailNOSPAM.com> wrote:
    >
    >> When people buy Wap/Routers, to increase sales, they are sold with
    >> absolutely *NO* security and wide open. (sales went up 78% when they
    >> started selling them wide open).
    >
    > Surely you jest. At no time were wireless routers ever sold secure by
    > default. In order to do that, the router would have to have:
    > 1. The wireless portion temporarily disabled.

    Nope.. Not kidding young whippersnapper <--- (been doing computer stuff
    since 1969, bet I'm older than you and can say that!)

    A variation on #1. The Wireless portion was DISABLED ENTIRELY by default.
    And when they first came out, that's the way they where shipped. (basically
    just a router with wireless avalaible if you turned it on)

    It used to be No Wireless at all by default, even out of the box.

    If wireless doesn't work AT ALL, no need to do any of the other things you
    mention.... And that's the way it used to be shipped.. Wireless turned OFF
    by default
  4. Archived from groups: alt.internet.wireless (More info?)

    On Sat, 1 Jan 2005 23:08:01 -0800, "Peter Pan"
    <Marcs1102NOSPAM@HotmailNOSPAM.com> wrote:

    >Jeff Liebermann wrote:
    >> On Sat, 1 Jan 2005 19:36:44 -0800, "Peter Pan"
    >> <Marcs1102NOSPAM@HotmailNOSPAM.com> wrote:
    >>
    >>> When people buy Wap/Routers, to increase sales, they are sold with
    >>> absolutely *NO* security and wide open. (sales went up 78% when they
    >>> started selling them wide open).
    >>
    >> Surely you jest. At no time were wireless routers ever sold secure by
    >> default. In order to do that, the router would have to have:
    >> 1. The wireless portion temporarily disabled.

    >Nope.. Not kidding young whippersnapper <--- (been doing computer stuff
    >since 1969, bet I'm older than you and can say that!)

    Young? I'm 57.9 years old.
    http://www.LearnByDestroying.com/pics/jeffl/jeffl-wolf.gif (3MB)
    Got started in computahs in college with the 1620, 1401, and 7090.
    Actually, we had most of a 709 in high skool, but never could get the
    tube infested 36 bit monster to count. On graduation in 1971 and
    after a few military adventures, I did RF design and ran several RF
    related businesses until about 1983, when I cleverly decided that
    computers were the hot ticket. I still do quite a bit of RF
    consulting but the main emphasis is on computing.

    In 1998, 802.11 appeared and I was bribed into getting involved in a
    wireless venture. I was involved in some proprietary radio link
    design, and figured that 802.11 would unify the industry. At that
    time, the only commodity 802.11 hardware available was from Eumitcom,
    Teletronics, Zcomax, Raylink, and perhaps Breezecom. A bit later,
    Linksys, SMC, and DLink appeared. Netgear eventually left their Bay
    Networks legacy behind and joined the bottom of the line vendors.
    Wavelan became Orinoco, Lucent, Agere, Avaya, and finally Proxim.
    Cisco was busy buying companies, killing wireless products that people
    wanted to buy, and selling overpriced and underpowered wireless
    bridges and access points.

    Between 1998 and 2000, everything was junk. During this time, I
    played with, tested, or helped design, just about every piece of
    wireless hardware that appeared on the market. Almost all the boxes
    were bridges or access points. Wireless routers didn't appear until
    about 2000 (not sure) and were just the same ethernet routers sold by
    the vendors with wireless bridge tacked on. I don't recall which one
    was first, but I do recall that absolutely none of them had the
    wireless disabled by default. Setup by serial port or telnet was
    common.

    >A variation on #1. The Wireless portion was DISABLED ENTIRELY by default.
    >And when they first came out, that's the way they where shipped. (basically
    >just a router with wireless avalaible if you turned it on)

    Well, could I trouble you for the manufacturers name and model number
    of such a wireless router? I probably have one either in the junk
    pile or in stock. My memory isn't as good as it once was and I'll
    admit that I might be mistaken.

    >It used to be No Wireless at all by default, even out of the box.

    I beg to differ.

    >If wireless doesn't work AT ALL, no need to do any of the other things you
    >mention.... And that's the way it used to be shipped.. Wireless turned OFF
    >by default

    Sigh. Yes, you do need to do everything I mentioned. Just turning on
    the wireless does not magically insure security. You have to go
    through all the various steps and chose the proper settings. I
    suppose the setup "wizard" might offer a good random value for the WEP
    key, but the SSID shouldn't really be random garbage.


    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 AE6KS 831-336-2558
  5. Archived from groups: alt.internet.wireless (More info?)

    SBN <sbn@foobox.net> wrote:
    > I am vacationing in a resort condo where there are rental units and
    > also fulltime residents. Today I fired up my laptop with every intent
    > of hooking up my remote dialup access, and I found that I was
    > connected to a wireless broadband network.

    Is it possible that this is a service provided by the resort?

    --
    ---
    Clarence A Dold - Hidden Valley (Lake County) CA USA 38.8-122.5
  6. Archived from groups: alt.internet.wireless (More info?)

    I checked that out and it probably is not. I checked with the owner
    of the condo and he does not know anything about the issue. Also, the
    resort does not advertise it, and would undoubtedly charge for it.
    They have a device in their lobby where they charge .25/minute to
    check email!

    On Sun, 2 Jan 2005 00:39:28 +0000 (UTC), dold@XReXXProto.usenet.us.com
    wrote:

    >SBN <sbn@foobox.net> wrote:
    >> I am vacationing in a resort condo where there are rental units and
    >> also fulltime residents. Today I fired up my laptop with every intent
    >> of hooking up my remote dialup access, and I found that I was
    >> connected to a wireless broadband network.
    >
    >Is it possible that this is a service provided by the resort?


    _______________________________________________________________________________
    Posted Via Uncensored-News.Com - Accounts Starting At $6.95 - http://www.uncensored-news.com
    <><><><><><><> The Worlds Uncensored News Source <><><><><><><><>
  7. Archived from groups: alt.internet.wireless (More info?)

    Jeff Liebermann wrote:
    >> If wireless doesn't work AT ALL, no need to do any of the other
    >> things you mention.... And that's the way it used to be shipped..
    >> Wireless turned OFF by default
    >
    > Sigh. Yes, you do need to do everything I mentioned. Just turning on
    > the wireless does not magically insure security. You have to go
    > through all the various steps and chose the proper settings.

    The point is that if wireless is OFF, then your other stuff doesn't matter.
    I liken it to turning of the main breaker for your house, doesn't much
    matter if a light switch is turned off too.

    At the stores I own, the first WAP/Routers we sold, had that WAP part turned
    *OFF* by default. Used to make some good bucks having our techs turn it on
    after the people bought em and found out they couldn't use em.

    Of course if you turn it on, that's a different animal, and then you have to
    set things, but the statement was based on the first part of the sentence
    *if wireless doesn't work at all*... Think about it.. if you have *NO*
    wireless at all, what difference do the wep etc settings make? It's like
    turning off a light switch when the lamp is unplugged.

    Haven't heard of any sucessful prosections (YET) of people using left open
    networks, but I have heard of people being targeted for breaking the
    agreement to only allow personal use of an internet connection instead of
    paying extra for a biz account that can have multiple users.
  8. Archived from groups: alt.internet.wireless (More info?)

    On Sun, 2 Jan 2005 01:40:00 -0800, "Peter Pan"
    <Marcs1102NOSPAM@HotmailNOSPAM.com> wrote:

    >At the stores I own, the first WAP/Routers we sold, had that WAP part turned
    >*OFF* by default. Used to make some good bucks having our techs turn it on
    >after the people bought em and found out they couldn't use em.

    Make and model?

    >Of course if you turn it on, that's a different animal, and then you have to
    >set things, but the statement was based on the first part of the sentence
    >*if wireless doesn't work at all*... Think about it.. if you have *NO*
    >wireless at all, what difference do the wep etc settings make? It's like
    >turning off a light switch when the lamp is unplugged.

    Normally, a customer buys a wireless router so they can use it
    wirelessly. Leaving the wireless off is a waste. Might as well have
    bought an ethernet router, with no wireless. So, the first thing a
    customer would do with such a router is turn on the wireless part.
    Then they get to figure out the details. My guess(tm) is that if you
    just turn on the wireless part of your unspecified wireless router,
    the SSID will default to something stupid, WEP will be off, and the
    router will work wirelessly in a rather insecure manner. Might as
    well have left the wireless on by default.

    >Haven't heard of any sucessful prosections (YET) of people using left open
    >networks,

    I track FCC enforcement actions
    http://www.fcc.gov/eb/
    and find very little activity of any type involving 2.4GHz. However,
    these don't record warnings which is usually all that's necessary to
    insure compliance. Besides, there's no money in issuing fines to the
    average wireless user.

    These were previously posted to alt.internet.wireless. Kinda marginal
    examples but certainly applicable.

    http://www.canoe.ca/NewsStand/LondonFreePress/News/2003/11/22/264890.html
    http://www.freep.com/news/locoak/nhack11_20031111.htm

    >but I have heard of people being targeted for breaking the
    >agreement to only allow personal use of an internet connection instead of
    >paying extra for a biz account that can have multiple users.

    I haven't hear of that recently. There were some cable ISP's
    (Comcast) that were sniffing traffic and trying to guess how many PC's
    were hidden behind an NAT firewall. Then, some telemarketting
    organization was tasked with calling the customers and informing them
    that they have violated the terms of service which do not allow
    multiple computers, and that they retroactively owe the cable ISP
    about $8/month extra per PC. You can kinda predict how far treating
    your customers as criminals went. These days, I hear about users
    getting "fined" or unplugged for excessive traffic, usually caused by
    a trojaned PC, worm, or because they're running a porno server. A few
    ISP's are blocking VPN ports and sometimes SMTP mail on the assumption
    that such services require the overpriced business account. The
    satellite ISP's throttle traffic after about 150MBytes/hr to give
    everyone their "fair share" of the pipe. I can't speak for the rest
    of the country, but busting custmers for anything other than gross
    abuse just isn't practiced by any of the local (Northern Calif) ISP's
    that I know and deal with.


    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 AE6KS 831-336-2558
  9. Archived from groups: alt.internet.wireless (More info?)

    On 2 Jan 2005 00:15:14 GMT, SBN spoketh

    >I am vacationing in a resort condo where there are rental units and
    >also fulltime residents. Today I fired up my laptop with every intent
    >of hooking up my remote dialup access, and I found that I was
    >connected to a wireless broadband network. Upon checking I found that
    >I am receiving signals from four such networks -- three of which are
    >unsecured. What is the protocol for using such access? Does my use
    >in any compromise the owner? My thought is that if they objected to
    >others' use they would simply secure the account. However, I want to
    >do the right thing and not piss anyone off so I'd appreciate any
    >guidance. I do have a network at home and specified that it be
    >installed secure.
    >

    What's the policy on taking a ride in any convertible found in the
    parking lots at Disney?

    Lars M. Hansen
    http://www.hansenonline.net
    (replace 'badnews' with 'news' in e-mail address)
  10. Archived from groups: alt.internet.wireless (More info?)

    Lars M. Hansen wrote:

    >
    > What's the policy on taking a ride in any convertible found in the
    > parking lots at Disney?
    >
    > Lars M. Hansen
    > http://www.hansenonline.net
    > (replace 'badnews' with 'news' in e-mail address)

    What the heck does *stealing* cars have to do with using an open WAP?
  11. Archived from groups: alt.internet.wireless (More info?)

    Jeff Liebermann <jeffl@comix.santa-cruz.ca.us> wrote:
    >>Nope.. Not kidding young whippersnapper <--- (been doing computer stuff
    >>since 1969, bet I'm older than you and can say that!)

    I almost fell off the couch laughing when I read that one.
    Not that I thought you were old... just beyond the "whipppersnapper" age.

    > Young? I'm 57.9 years old.

    That's older than I thought.

    > http://www.LearnByDestroying.com/pics/jeffl/jeffl-wolf.gif (3MB)

    That was cute. It popped up behind my terminal screen, where I could only
    see a portion of it, and I thought it was morphing from high school student
    to old fart. At first, I thought it would be the spinning chair jscript.

    > Actually, we had most of a 709 in high skool, but never could get the
    > tube infested 36 bit monster to count. On graduation in 1971 and

    Ah, that's where I messed up. What did you do between 1971 graduation and
    now to gain the extra years? If 17.9 years old is a good median high
    school graduation, 40 years ago would have you graduating from high school
    in 1964. Earlier references to 1997 - 49 would be 1950, so maybe the high
    skool reference sentence was blurred, and you graduated from college in
    1971. That doesn't match 2005-58. Neither does 1950+57.9.

    ---
    Clarence A Dold - Hidden Valley (Lake County) CA USA 38.8-122.5
  12. Archived from groups: alt.internet.wireless (More info?)

    > Jeff Liebermann <jeffl@comix.santa-cruz.ca.us> wrote:
    >>> Nope.. Not kidding young whippersnapper <--- (been doing computer
    >>> stuff since 1969, bet I'm older than you and can say that!)
    >
    > I almost fell off the couch laughing when I read that one.
    > Not that I thought you were old... just beyond the "whipppersnapper"
    > age.
    >
    >> Young? I'm 57.9 years old.
    >

    Yup.. Sorrry, looked at my sent file and my apology didn't get sent...so my
    apologies for the young whippersnapper remark. All I can say is that it was
    worded and meant as a joke...(that's what the smiley face was for, and the
    stuff in parends "(been doing computer stuff since 1969, bet I'm older than
    you and can say that! :)" Both were meant/supposed to mean sarcasm, no
    offense was intended. However.... Since I am 51 (over the age of 50, when
    you magically become eccentric instead of rude or wierd...) I think I can
    now safely use the term that is used for me once in a while.. Old Fart....:)
  13. Archived from groups: alt.internet.wireless (More info?)

    On Sun, 2 Jan 2005 12:00:03 +0000 (UTC), dold@XReXXProto.usenet.us.com
    wrote:

    >I almost fell off the couch laughing when I read that one.
    >Not that I thought you were old... just beyond the "whipppersnapper" age.

    I've been called a curmudgeon, which methinks is more appropriate. I
    have a nifty pen and ink sketch of myself as Ebineezer Scrooge on the
    bedroom wall.

    >> Young? I'm 57.9 years old.
    >That's older than I thought.

    Methinks I've discovered the secret to eternal youth. No kids or
    dependents (that I know of).

    >At first, I thought it would be the spinning chair jscript.

    I forgot about that one:
    http://www.LearnByDestroying.com/panorama/jeffl.htm (700KB)
    Move the mouse around the screen after it's done loading. (Remind me
    to retouch the bald spot).

    >> Actually, we had most of a 709 in high skool, but never could get the
    >> tube infested 36 bit monster to count. On graduation in 1971 and
    >
    >Ah, that's where I messed up. What did you do between 1971 graduation and
    >now to gain the extra years? If 17.9 years old is a good median high
    >school graduation, 40 years ago would have you graduating from high school
    >in 1964. Earlier references to 1997 - 49 would be 1950, so maybe the high
    >skool reference sentence was blurred, and you graduated from college in
    >1971. That doesn't match 2005-58. Neither does 1950+57.9.

    Oh swell, I can't find a resume that goes back that far. From my
    fading memory:
    1965 Graduated Hamilton High Skool, Smog Angeles
    1971 Graduated Cal Politic, Pomona BSEE.
    Yes, it took 6 years to make it through college due to some travel and
    diversions. I was born in 1948 so I was 17 when I graduated High
    Skool, and 23 when they graduated me from college.


    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 AE6KS 831-336-2558
  14. Archived from groups: alt.internet.wireless (More info?)

    On Sun, 2 Jan 2005 11:14:28 -0800, "Peter Pan"
    <Marcs1102NOSPAM@HotmailNOSPAM.com> wrote:

    >
    >> Jeff Liebermann <jeffl@comix.santa-cruz.ca.us> wrote:
    >>>> Nope.. Not kidding young whippersnapper <--- (been doing computer
    >>>> stuff since 1969, bet I'm older than you and can say that!)
    >>
    >> I almost fell off the couch laughing when I read that one.
    >> Not that I thought you were old... just beyond the "whipppersnapper"
    >> age.
    >>
    >>> Young? I'm 57.9 years old.

    Oops. It's a sure sign of old age when I don't know how old I am and
    have to use a calculator to do the arithmetic. I'm only 56.9 years
    old.

    >Yup.. Sorrry, looked at my sent file and my apology didn't get sent...so my
    >apologies for the young whippersnapper remark. All I can say is that it was
    >worded and meant as a joke...(that's what the smiley face was for, and the
    >stuff in parends "(been doing computer stuff since 1969, bet I'm older than
    >you and can say that! :)" Both were meant/supposed to mean sarcasm, no
    >offense was intended.

    I don't really know what whippersnapper means.
    http://www.hyperdictionary.com/dictionary/whippersnapper
    Actually, that's fairly accurate. I'm not terribly important and
    really do have a gigantic inflated ego. Yeah, I guess I deserve that.
    However, it's no problem and no apology is required. If you read any
    of my postings, you'll probably notice that diplomacy, tact,
    sensitivity, and etiquette are not my best points. I'm sure you would
    be entertained by the hate mail that I erratically receive when I
    tactlessly trample on someone's illusions. That's balanced by my
    easily admitting that I screwed up or am in error, which happens all
    too often.

    >However.... Since I am 51 (over the age of 50, when
    >you magically become eccentric instead of rude or wierd...) I think I can
    >now safely use the term that is used for me once in a while.. Old Fart....:)

    Well, you can now say that you're over half a century old. My being
    about 6 years older only means that I've had 6 more years of mistakes
    and about 10% more that I've either forgotten or has become useless
    knowledge.


    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 AE6KS 831-336-2558
  15. Archived from groups: alt.internet.wireless (More info?)

    Jeff Liebermann wrote <and I snipped>:
    >
    >>It used to be No Wireless at all by default, even out of the box.
    >
    >
    > I beg to differ.
    >

    The Linksys BEFW11S4 V1 that I bought in the summer of 2001 was delivered
    with wireless disabled, and pg.18 of the user guide explicitly says that
    wireless must be enabled to make it work. That unit had 1.37.2 firmware;
    I do not recall if any of the firmware upgrades enabled wireless by default.
    --
    Cheers, Bob
  16. Archived from groups: alt.internet.wireless (More info?)

    On Sun, 02 Jan 2005 16:57:52 GMT, Bob Willard
    <BobwBSGS@TrashThis.comcast.net> wrote:

    >Jeff Liebermann wrote <and I snipped>:

    >>>It used to be No Wireless at all by default, even out of the box.

    >> I beg to differ.

    >The Linksys BEFW11S4 V1 that I bought in the summer of 2001 was delivered
    >with wireless disabled, and pg.18 of the user guide explicitly says that
    >wireless must be enabled to make it work. That unit had 1.37.2 firmware;
    >I do not recall if any of the firmware upgrades enabled wireless by default.

    Well, that explains why I've never seen that one. I was recovering
    from a triple bypass and was in no condition to do any work after Feb
    2001 for about 6 months. I missed that one.

    Normally, I would check the firmware release notes from the Linksys
    support web pile,
    http://www.linksys.com/support/TechSupport.asp
    but they seem to be having a Y2.005K problem:

    Microsoft OLE DB Provider for ODBC Drivers error '80040e31'
    [Microsoft][ODBC SQL Server Driver]Timeout expired
    /support/TrafficReport.asp, line 48

    Traffic report? Sigh. Maybe later...


    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 AE6KS 831-336-2558
  17. Archived from groups: alt.internet.wireless (More info?)

    SBN <sbn@foobox.net> wrote:

    > I am vacationing in a resort condo where there are rental units and
    > also fulltime residents. Today I fired up my laptop with every intent
    > of hooking up my remote dialup access, and I found that I was
    > connected to a wireless broadband network. Upon checking I found that
    > I am receiving signals from four such networks -- three of which are
    > unsecured. What is the protocol for using such access? Does my use
    > in any compromise the owner? My thought is that if they objected to
    > others' use they would simply secure the account. However, I want to
    > do the right thing and not piss anyone off so I'd appreciate any
    > guidance. I do have a network at home and specified that it be
    > installed secure.

    Your question really boils down to "What can I infer about the
    intentions of the owner of a wireless network from the fact that he has
    left it unencrypted?" From that fact alone, nothing. Too many people who
    use wireless networking are ignorant of wireless security. They probably
    installed their wireless access points themselves, with only a glance at
    the "Quick Install" card.

    If any of those wireless networks you see has the manufacturer's default
    name -- "linksys", for example -- you can assume that the owner is
    fairly clueless and has not made an informed, deliberate choice to leave
    his network unsecured. If the network name (SSID) itself gives a good
    indication that it is intended for public use, I can't see how anybody
    could fault you for using it. Otherwise, you're not entitled to play
    Goldilocks just because the door was left open.
  18. Archived from groups: alt.internet.wireless (More info?)

    Lars M. Hansen <badnews@hansenonline.net> wrote:
    > What's the policy on taking a ride in any convertible found in the
    > parking lots at Disney?

    I hop on those little trams all the time. Am I supposed to pay?

    --
    ---
    Clarence A Dold - Hidden Valley (Lake County) CA USA 38.8-122.5
  19. Archived from groups: alt.internet.wireless (More info?)

    neillmassello@earthlink.net (Neill Massello) wrote:
    >If any of those wireless networks you see has the manufacturer's default
    >name -- "linksys", for example -- you can assume that the owner is
    >fairly clueless and has not made an informed, deliberate choice to leave
    >his network unsecured. If the network name (SSID) itself gives a good
    >indication that it is intended for public use, I can't see how anybody
    >could fault you for using it. Otherwise, you're not entitled to play
    >Goldilocks just because the door was left open.

    Excellent summary! I've got clients with security disabled on
    purpose, and in every case, they are not saying "Anyone welcome to do
    anything they want".
  20. Archived from groups: alt.internet.wireless (More info?)

    On Sun, 02 Jan 2005 11:04:14 -0800, Jeff Liebermann
    <jeffl@comix.santa-cruz.ca.us> wrote:

    >On Sun, 02 Jan 2005 16:57:52 GMT, Bob Willard
    ><BobwBSGS@TrashThis.comcast.net> wrote:
    >
    >>Jeff Liebermann wrote <and I snipped>:
    >
    >>>>It used to be No Wireless at all by default, even out of the box.
    >
    >>> I beg to differ.
    >
    >>The Linksys BEFW11S4 V1 that I bought in the summer of 2001 was delivered
    >>with wireless disabled, and pg.18 of the user guide explicitly says that
    >>wireless must be enabled to make it work. That unit had 1.37.2 firmware;
    >>I do not recall if any of the firmware upgrades enabled wireless by default.
    >
    >Well, that explains why I've never seen that one. I was recovering
    >from a triple bypass and was in no condition to do any work after Feb
    >2001 for about 6 months. I missed that one.
    >
    >Normally, I would check the firmware release notes from the Linksys
    >support web pile,
    > http://www.linksys.com/support/TechSupport.asp
    >but they seem to be having a Y2.005K problem:
    >
    > Microsoft OLE DB Provider for ODBC Drivers error '80040e31'
    > [Microsoft][ODBC SQL Server Driver]Timeout expired
    > /support/TrafficReport.asp, line 48
    >
    >Traffic report? Sigh. Maybe later...

    Ok. Linksys support page is now back. Checking the release notes for
    the BEFW11S4v1 v1.44z at:
    http://www.linksys.com/download/vertxt/befw11s4v1_v144z.txt
    It doesn't say anything about enabling the wireless. However, it
    looks like the trimmed off an earlier update. Nothing on the ftp
    site. I also didn't find anything in the knowledge base on enabling
    wireless. I believe you, but to the best of my limited knowledge,
    that may be the only model and firmware version to be shipped with
    wireless defaulted to off.


    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 AE6KS 831-336-2558
  21. Archived from groups: alt.internet.wireless (More info?)

    Taking a moment's reflection, Jeff Liebermann mused:
    |
    | Where did you get the 78% increase in sales....

    I read a stat that 99% of all stats used in a discussion are made up on
    the spot. ;-)
  22. Archived from groups: alt.internet.wireless (More info?)

    On Mon, 03 Jan 2005 21:27:09 GMT, "mhicaoidh"
    <®êmõvé_mhic_aoidh@hotÑîXmailŠPäM.com> wrote:

    >Taking a moment's reflection, Jeff Liebermann mused:
    >|
    >| Where did you get the 78% increase in sales....
    >
    > I read a stat that 99% of all stats used in a discussion are made up on
    >the spot. ;-)
    >
    Including this one?
  23. Archived from groups: alt.internet.wireless (More info?)

    On Mon, 03 Jan 2005 12:19:28 -0500, William P.N. Smith wrote:

    >Excellent summary! I've got clients with security disabled on
    >purpose, and in every case, they are not saying "Anyone welcome to do
    >anything they want".

    If this were Japan it would probably be ok. The problem with our
    society is that you have to actively discourage unwanted behavior -
    you simply can't trust people to respect your property or to exercise
    discretion when permitted to use it.

    George
    --
    for email reply remove "/" from address
  24. Archived from groups: alt.internet.wireless (More info?)

    On Mon, 03 Jan 2005 12:19:28 -0500, William P.N. Smith said:
    >
    >Excellent summary! I've got clients with security disabled on
    >purpose, and in every case, they are not saying "Anyone welcome to do
    >anything they want".

    Greetings,

    Just out of curiosity -- why do they have security disabled on
    purpose? (Serious question).

    --
    Mojo.
  25. Archived from groups: alt.internet.wireless (More info?)

    Mojo wrote:
    > On Mon, 03 Jan 2005 12:19:28 -0500, William P.N. Smith said:
    >>
    >> Excellent summary! I've got clients with security disabled on
    >> purpose, and in every case, they are not saying "Anyone welcome to do
    >> anything they want".
    >
    > Greetings,
    >
    > Just out of curiosity -- why do they have security disabled on
    > purpose? (Serious question).

    Surprisingly (or maybe not), Most people arent selfish self centered and out
    to make a buck... Ever go to a web page? Or before that use a BBS? Those are
    usually run by people that have nothing to gain, but do it as a service.
    Unfortunatly, it's the companies that stand to make money try and advertise
    things that make em money.. Even many internet cafes and coffee shops used
    to have free wireless internet hotspots, until the companies trying to make
    a buck came in and took em over. Remeber NetZero? They used to be free
    (that's how they got the zero in their name, now they are for profit and
    trying to make a buck).. Now they are $9.99.. didn't change their name to
    NetTen...

    Got a sniffer? When I was in Couer D'Alane Idaho (small town but Adelphia
    cable has internet access), I logged 332 nodes, 308 of which were open, and
    179 of them had internet access. I'm currently in Las Vegas, and just in a
    few blocks of my apartment here (Nellis Blvd and Boulder Highway), hit the
    max of 1000 (logger limits the number of nodes it remembers) there were over
    900 open ones, and with most cable companies having internet access, quite a
    few of those have free internet also.
    If you want a better idea, find an online list of hotspots (most of which
    are pay), and drive thru the same area with a sniffer.. In many places you
    will find hundreds or thousands more than listed, and almost every one of
    them free.
    Went to Alaska this summer, even found open FREE nodes in Dawson City YUKON
    (dirt roads, boats across the river etc, but they had free open nodes with
    internet access!)

    As an aside, for busines users, some people have PDA's, that don't work real
    well with security stuff, or laptops (from visitors). Much easier to set up
    a VPN (Virtual Private Network) for your people/private stuff, and leave
    access and the rest (which can't access much other than the internet
    connection) open.
  26. Archived from groups: alt.internet.wireless (More info?)

    Mojo <dev@null.com> wrote:
    >Just out of curiosity -- why do they have security disabled on
    >purpose? (Serious question).

    Because they live way out in the boonies, have no neighbors, and don't
    want the added complexity (and failure mode) of security. Since
    #define customer always_right
    I explain the tradeoffs to them and set it up the way they want.
  27. Archived from groups: alt.internet.wireless (More info?)

    On Sun, 2 Jan 2005 10:51:53 -0800, Peter Pan spoketh

    >Lars M. Hansen wrote:
    >
    >>
    >> What's the policy on taking a ride in any convertible found in the
    >> parking lots at Disney?
    >>
    >> Lars M. Hansen
    >> http://www.hansenonline.net
    >> (replace 'badnews' with 'news' in e-mail address)
    >
    >What the heck does *stealing* cars have to do with using an open WAP?
    >

    Theft is theft.

    Lars M. Hansen
    http://www.hansenonline.net
    (replace 'badnews' with 'news' in e-mail address)
  28. Archived from groups: alt.internet.wireless (More info?)

    Lars M. Hansen wrote:
    > On Sun, 2 Jan 2005 10:51:53 -0800, Peter Pan spoketh
    >
    >> Lars M. Hansen wrote:
    >>
    >>>
    >>> What's the policy on taking a ride in any convertible found in the
    >>> parking lots at Disney?
    >>>
    >>> Lars M. Hansen
    >>> http://www.hansenonline.net
    >>> (replace 'badnews' with 'news' in e-mail address)
    >>
    >> What the heck does *stealing* cars have to do with using an open WAP?
    >>
    >
    > Theft is theft.
    >
    > Lars M. Hansen
    > http://www.hansenonline.net
    > (replace 'badnews' with 'news' in e-mail address)

    So what the heck does theft have to do with using an open ap? You better
    check the laws, before you start making such a stupid ass statements, and
    calling something that IS NOT ILLEGAL, theft. I set up free open TOTALLY
    LEGIT wifi hotspots for a living, just finished ANOTHER one at Mccarren
    Airport in Las Vegas, and it's stupid people like you, calling things names,
    makings false and stupid allegatioins/accusations about something you know
    absolutely nothing about.
  29. Archived from groups: alt.internet.wireless (More info?)

    On Tue, 4 Jan 2005 23:20:59 -0800, Peter Pan spoketh


    >
    >So what the heck does theft have to do with using an open ap? You better
    >check the laws, before you start making such a stupid ass statements, and
    >calling something that IS NOT ILLEGAL, theft. I set up free open TOTALLY
    >LEGIT wifi hotspots for a living, just finished ANOTHER one at Mccarren
    >Airport in Las Vegas, and it's stupid people like you, calling things names,
    >makings false and stupid allegatioins/accusations about something you know
    >absolutely nothing about.
    >

    There's a difference between free public hotspots and unsecured private
    wireless networks. Again you go and make assumptions that fits your
    point of view. There's absolutely no reason to believe that the wireless
    networks the OP found in his condo building are "free public hotspots"
    like the ones set up at airports.

    Check the law? Sure.

    Massachusetts General law, chapter 266, Section 33A. Fraudulent
    Obtaining of Commercial Computer Services; Penalty.
    Whoever, with intent to defraud, obtains, or attempts to obtain, or
    aids or abets another in obtaining, any commercial computer service by
    false representation, false statement, unauthorized charging to the
    account of another, by installing or tampering with any facilities or
    equipment or by any other means, shall be punished by imprisonment in
    the house of correction for not more than two and one-half years or by a
    fine of not more then three thousand dollars, or both. As used in this
    section, the words "commercial computer services" shall mean the use of
    computers, computer systems, computer programs or computer network, or
    the access to or copying of data, where such use, access or copying is
    offered by the proprietor or operator of the computer, system, program,
    network or data to others on a subscription or other basis for monetary
    consideration.

    MGL, chapter 255, section 120F, Unauthorized access of computer systems;
    Penalty

    Whoever, without authorization, knowingly accesses a computer system
    by any means, or after gaining access to a computer system by any means
    knows that such access is not authorized and fails to terminate such
    access, shall be punished by imprisonment in the house of correction for
    not more than thirty days or by a fine of not more than one thousand
    dollars, or both.
    The requirement of a password or other means of authentication to gain
    access shall constitute notice that access is limited to authorized
    users.


    Lars M. Hansen
    http://www.hansenonline.net
    (replace 'badnews' with 'news' in e-mail address)
  30. Archived from groups: alt.internet.wireless (More info?)

    On Tue, 4 Jan 2005 09:34:46 -0800, "Peter Pan"
    <Marcs1102NOSPAM@HotmailNOSPAM.com> said:

    >Mojo wrote:
    >> On Mon, 03 Jan 2005 12:19:28 -0500, William P.N. Smith said:
    >>>
    >>> Excellent summary! I've got clients with security disabled on
    >>> purpose, and in every case, they are not saying "Anyone welcome to do
    >>> anything they want".
    >>
    >> Greetings,
    >>
    >> Just out of curiosity -- why do they have security disabled on
    >> purpose? (Serious question).

    <snip>

    >As an aside, for busines users, some people have PDA's, that don't work real
    >well with security stuff, or laptops (from visitors). Much easier to set up
    >a VPN (Virtual Private Network) for your people/private stuff, and leave
    >access and the rest (which can't access much other than the internet
    >connection) open.

    Ahh, yes ,this bit makes sense. Cheers.

    --
    Mojo.
  31. Archived from groups: alt.internet.wireless (More info?)

    On Tue, 04 Jan 2005 19:45:37 -0500, William P.N. Smith said:

    >Mojo <dev@null.com> wrote:
    >>Just out of curiosity -- why do they have security disabled on
    >>purpose? (Serious question).
    >
    >Because they live way out in the boonies, have no neighbors, and don't
    >want the added complexity (and failure mode) of security.

    Fair enough. Thanks.

    --
    Mojo.
  32. Archived from groups: alt.internet.wireless (More info?)

    In article <69mnt0pvp3mh1i00mb3vt67bvr8rg5i48j@4ax.com>, Lars M. Hansen
    <badnews@hansenonline.net> wrote:

    > There's a difference between free public hotspots and unsecured private
    > wireless networks. Again you go and make assumptions that fits your
    > point of view. There's absolutely no reason to believe that the wireless
    > networks the OP found in his condo building are "free public hotspots"
    > like the ones set up at airports.
    >
    > Check the law? Sure.
    >
    > Massachusetts General law, chapter 266, Section 33A. Fraudulent
    > Obtaining of Commercial Computer Services; Penalty.
    > Whoever, with intent to defraud, obtains, or attempts to obtain, or
    > aids or abets another in obtaining, any commercial computer service by
    > false representation, false statement, unauthorized charging to the
    > account of another, by installing or tampering with any facilities or
    > equipment or by any other means, shall be punished by imprisonment in
    > the house of correction for not more than two and one-half years or by a
    > fine of not more then three thousand dollars, or both. As used in this
    > section, the words "commercial computer services" shall mean the use of
    > computers, computer systems, computer programs or computer network, or
    > the access to or copying of data, where such use, access or copying is
    > offered by the proprietor or operator of the computer, system, program,
    > network or data to others on a subscription or other basis for monetary
    > consideration.

    the key here is 'with intent to defraud.' using an open network is not
    fradulent.

    > MGL, chapter 255, section 120F, Unauthorized access of computer systems;
    > Penalty
    >
    > Whoever, without authorization, knowingly accesses a computer system
    > by any means, or after gaining access to a computer system by any means
    > knows that such access is not authorized and fails to terminate such
    > access, shall be punished by imprisonment in the house of correction for
    > not more than thirty days or by a fine of not more than one thousand
    > dollars, or both.

    the key here is 'knowingly, without authorization.'

    it would be difficult to prove 'without authorization' if there is no
    mechanism to authorize, i.e. a password.

    > The requirement of a password or other means of authentication to gain
    > access shall constitute notice that access is limited to authorized
    > users.

    the converse of that is that if the access point has no password or any
    other restriction (i.e. mac address filtering, splash page with terms
    of service, etc.), it is evidence that it is not limited to authorized
    users.
  33. Archived from groups: alt.internet.wireless (More info?)

    On Tue, 4 Jan 2005 23:20:59 -0800, in alt.internet.wireless , "Peter Pan"
    <Marcs1102NOSPAM@HotmailNOSPAM.com> wrote:

    >So what the heck does theft have to do with using an open ap?

    Using an open AP without permission *is* theft. Do you disagree?

    >I set up free open TOTALLY LEGIT wifi hotspots for a living,

    If its deliberately set up as a free hotspot, then of course its not theft.
    Its hard however to see the relevance to Lars' remarks. AFAIK the OP
    didn't say it was a public AP to which he was granted permission. You
    assumed it was.

    >it's stupid people like you, calling things names,
    >makings false and stupid allegatioins/accusations about something you know
    >absolutely nothing about.

    Perhaps you ought to calm down and consider that you're also making stupid
    and false allegations.
    --
    Mark McIntyre
    CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
    CLC readme: <http://www.ungerhu.com/jxh/clc.welcome.txt>
  34. Archived from groups: alt.internet.wireless (More info?)

    On Wed, 05 Jan 2005 15:46:29 -0800, nospam spoketh

    >In article <69mnt0pvp3mh1i00mb3vt67bvr8rg5i48j@4ax.com>, Lars M. Hansen
    ><badnews@hansenonline.net> wrote:
    >
    >> There's a difference between free public hotspots and unsecured private
    >> wireless networks. Again you go and make assumptions that fits your
    >> point of view. There's absolutely no reason to believe that the wireless
    >> networks the OP found in his condo building are "free public hotspots"
    >> like the ones set up at airports.
    >>
    >> Check the law? Sure.
    >>
    >> Massachusetts General law, chapter 266, Section 33A. Fraudulent
    >> Obtaining of Commercial Computer Services; Penalty.
    >> Whoever, with intent to defraud, obtains, or attempts to obtain, or
    >> aids or abets another in obtaining, any commercial computer service by
    >> false representation, false statement, unauthorized charging to the
    >> account of another, by installing or tampering with any facilities or
    >> equipment or by any other means, shall be punished by imprisonment in
    >> the house of correction for not more than two and one-half years or by a
    >> fine of not more then three thousand dollars, or both. As used in this
    >> section, the words "commercial computer services" shall mean the use of
    >> computers, computer systems, computer programs or computer network, or
    >> the access to or copying of data, where such use, access or copying is
    >> offered by the proprietor or operator of the computer, system, program,
    >> network or data to others on a subscription or other basis for monetary
    >> consideration.
    >
    >the key here is 'with intent to defraud.' using an open network is not
    >fradulent.

    Really? Using someone elses' service (who they pay for) in order to
    avoid having to pay for said service is not fraudulent?

    >
    >> MGL, chapter 255, section 120F, Unauthorized access of computer systems;
    >> Penalty
    >>
    >> Whoever, without authorization, knowingly accesses a computer system
    >> by any means, or after gaining access to a computer system by any means
    >> knows that such access is not authorized and fails to terminate such
    >> access, shall be punished by imprisonment in the house of correction for
    >> not more than thirty days or by a fine of not more than one thousand
    >> dollars, or both.
    >
    >the key here is 'knowingly, without authorization.'
    >
    >it would be difficult to prove 'without authorization' if there is no
    >mechanism to authorize, i.e. a password.

    You forgot "knows that such access is not authorized". Just because
    there the door isn't locked, you don't have the right to barge in.
    There's no reason to believe that you are authorized to use any open
    wireless network you can find, in the same manner that any unlocked car
    is not free-for-all.

    >
    >> The requirement of a password or other means of authentication to gain
    >> access shall constitute notice that access is limited to authorized
    >> users.
    >
    >the converse of that is that if the access point has no password or any
    >other restriction (i.e. mac address filtering, splash page with terms
    >of service, etc.), it is evidence that it is not limited to authorized
    >users.

    That's open to interpretation. It says that if you are required to enter
    a password, then no other notice is needed to tell you that access is
    restricted. However, it does not say that the lack of password implies a
    free-for-all.


    Lars M. Hansen
    http://www.hansenonline.net
    (replace 'badnews' with 'news' in e-mail address)
  35. Archived from groups: alt.internet.wireless (More info?)

    In article <rt8qt0tt9fg7dgondjc61vvbaphel32g4k@4ax.com>, Lars M. Hansen
    <badnews@hansenonline.net> wrote:

    > >the key here is 'with intent to defraud.' using an open network is not
    > >fradulent.
    >
    > Really? Using someone elses' service (who they pay for) in order to
    > avoid having to pay for said service is not fraudulent?

    does the person with the access point charge people to access it? if
    not, then there is no avoidance in paying since there is no payment.
    their internet account is more than likely flat rate (at least in usa,
    anyway), so no additional charges to them would be incurred. also, no
    misrepresentation or tampering is made to access it. i don't see it as
    fraud.

    > >> MGL, chapter 255, section 120F, Unauthorized access of computer systems;
    > >> Penalty
    > >>
    > >the key here is 'knowingly, without authorization.'
    > >
    > >it would be difficult to prove 'without authorization' if there is no
    > >mechanism to authorize, i.e. a password.
    >
    > You forgot "knows that such access is not authorized". Just because
    > there the door isn't locked, you don't have the right to barge in.
    > There's no reason to believe that you are authorized to use any open
    > wireless network you can find, in the same manner that any unlocked car
    > is not free-for-all.

    i didn't forget it. without querying the owner of the access point, one
    has no idea whether it is permissible or not. there are private access
    points that welcome guests, so it is certainly possible that an open
    access point is intended for public use.

    furthermore, the computer might connect to someone else's access point
    without the users knowledge at all. i doubt the typical user checks the
    specifics of their network connection unless it doesn't work.

    > >> The requirement of a password or other means of authentication to gain
    > >> access shall constitute notice that access is limited to authorized
    > >> users.
    > >
    > >the converse of that is that if the access point has no password or any
    > >other restriction (i.e. mac address filtering, splash page with terms
    > >of service, etc.), it is evidence that it is not limited to authorized
    > >users.
    >
    > That's open to interpretation. It says that if you are required to enter
    > a password, then no other notice is needed to tell you that access is
    > restricted. However, it does not say that the lack of password implies a
    > free-for-all.

    everything legal is open to interpretation. :)
  36. Archived from groups: alt.internet.wireless (More info?)

    On Wed, 05 Jan 2005 15:46:29 -0800, in alt.internet.wireless , nospam
    <nospam@nospam.invalid> wrote:

    >the key here is 'with intent to defraud.' using an open network is not
    >fradulent.

    This is true ONLY if the owner of the network has given permission for you
    to access it, and has all necessary permissions from his own providers to
    make such access available.

    Perhaps you need to define 'open' before we carry on this debate as we seem
    to be discussing different things.

    >the key here is 'knowingly, without authorization.'

    And accessing a wireless network, without the owner's authorisation, would
    be 'knowingly' I believe?

    >it would be difficult to prove 'without authorization' if there is no
    >mechanism to authorize, i.e. a password.

    I'm afraid you're wrong.

    Just because I leave the keys in my BMW doesn't mean I gave you permission
    to drive off in it. Just because I left my house door open, doesn't mean
    you can help yourself to the contents of the fridge and wine cellar.

    >the converse of that is that if the access point has no password or any
    >other restriction (i.e. mac address filtering, splash page with terms
    >of service, etc.), it is evidence that it is not limited to authorized
    >users.

    No, its merely evidence of naivete or ignorance on the part of the owner.
    And the law tends to deal VERY severely with those who use their knowledge
    to abuse the naive or ignorant.


    --
    Mark McIntyre
    CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
    CLC readme: <http://www.ungerhu.com/jxh/clc.welcome.txt>
  37. Archived from groups: alt.internet.wireless (More info?)

    Mark McIntyre wrote:
    > On Wed, 05 Jan 2005 15:46:29 -0800, in alt.internet.wireless , nospam
    > <nospam@nospam.invalid> wrote:
    >
    >> the key here is 'with intent to defraud.' using an open network is
    >> not fradulent.
    >

    Sorry, I think you may be way wrong on that..
    If you care to look at what the realities are, go to
    http://www.wardrive.net/ and read up on legal implications for wardriving
    and warchalking. Of course if you want to be closed minded and keep the
    irational attidute you have (wardriving is akin to stealing a car!?!?!?!?),
    don't.
  38. Archived from groups: alt.internet.wireless (More info?)

    In article <bifrt0hgi0kt4ih15hmquvnqr3htukjdvb@4ax.com>, Mark McIntyre
    <markmcintyre@spamcop.net> wrote:

    > On Wed, 05 Jan 2005 15:46:29 -0800, in alt.internet.wireless , nospam
    > <nospam@nospam.invalid> wrote:
    >
    > >the key here is 'with intent to defraud.' using an open network is not
    > >fradulent.
    >
    > This is true ONLY if the owner of the network has given permission for you
    > to access it, and has all necessary permissions from his own providers to
    > make such access available.

    i still say it is not fraud. it might be theft of service or
    unauthorized use. but fraud? no.

    > Perhaps you need to define 'open' before we carry on this debate as we seem
    > to be discussing different things.

    a network with no password required to access.

    > >the key here is 'knowingly, without authorization.'
    >
    > And accessing a wireless network, without the owner's authorisation, would
    > be 'knowingly' I believe?

    if i deliberately pick his network then yes, its knowingly. if the
    computer picks which network (i.e. the strongest signal), then its not
    knowingly until the user notices it. some tech savvy users will
    probably notice it right away. others might never notice it at all.

    i know someone who has a wireless network in his house, and so does his
    neighbor. his computer had been connecting to his neighbor's network
    for a while and he didn't realize it until he went to print something.
    he tried a few times but nothing came out of his printer. then a few
    days later his neighbor asked him if he printed something - it came out
    of *their* printer. it was a simple screwup and they all worked it out.
    point is, accidental use does happen.

    > >it would be difficult to prove 'without authorization' if there is no
    > >mechanism to authorize, i.e. a password.
    >
    > I'm afraid you're wrong.

    new york disagrees.

    <http://www.securityfocus.com/columnists/237>

    In fact, the companion New York State computer crime law, NY Penal
    Code Section 156 (6), requires that, before you can be prosecuted for
    using a computer service without authorization, the government has to
    prove that the owner has given actual notice to potential hackers or
    trespassers, either in writing or orally. In the absence of such
    notice in New York, the hacker can presume that he or she has
    authorization to proceed, under state law.

    > Just because I leave the keys in my BMW doesn't mean I gave you permission
    > to drive off in it. Just because I left my house door open, doesn't mean
    > you can help yourself to the contents of the fridge and wine cellar.

    entirely different scenario. cars and houses are personal property
    registered to the owner. very very rarely are they publically shared.
    it is not reasonable to expect a car with keys in it is free to use for
    anyone or a house with a door open is free to visit and partake in the
    food.

    there are many free public access wireless networks, with more
    appearing every day. it is reasonable to assume that a network with no
    password at all could be open to the public. it isn't a guarantee, of
    course, but it is certainly a reasonable conclusion.

    > >the converse of that is that if the access point has no password or any
    > >other restriction (i.e. mac address filtering, splash page with terms
    > >of service, etc.), it is evidence that it is not limited to authorized
    > >users.
    >
    > No, its merely evidence of naivete or ignorance on the part of the owner.
    > And the law tends to deal VERY severely with those who use their knowledge
    > to abuse the naive or ignorant.

    you'd need to prove intent to abuse the naive or ignorant. i think that
    would be difficult for simply accessing an open network, especially
    with laws such as the aforementioned one in new york.

    i don't know if this ever became law or not (the article is from 2003),
    but in new hampshire, not securing the network might be considered
    negligence:

    <http://www.wired.com/news/wireless/0,1382,58651,00.html>

    A bill that's breezing through New Hampshire's legislature says
    operators of wireless networks must secure them -- or lose some of
    their ability to prosecute anyone who gains access to the networks.
  39. Archived from groups: alt.internet.wireless (More info?)

    On Thu, 06 Jan 2005 11:27:32 -0800, in alt.internet.wireless , nospam
    <nospam@nospam.invalid> wrote:

    >furthermore, the computer might connect to someone else's access point
    >without the users knowledge at all. i doubt the typical user checks the
    >specifics of their network connection unless it doesn't work.

    This might work in your favour in terms of sentence reduction, but
    ignorance of your actions' consequences is not generally a defence.

    Agreed, if you could show that you didn't intentionally make the connection
    and had no realisation that you even had it, you'd be most unlikely to be
    prosecuted in the first place.

    >everything legal is open to interpretation. :)

    True. Some things less so than others mind you...

    --
    Mark McIntyre
    CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
    CLC readme: <http://www.ungerhu.com/jxh/clc.welcome.txt>
  40. Archived from groups: alt.internet.wireless (More info?)

    On Thu, 6 Jan 2005 16:21:15 -0800, in alt.internet.wireless , "Peter Pan"
    <Marcs1102NOSPAM@HotmailNOSPAM.com> wrote:

    >Mark McIntyre wrote:
    >> On Wed, 05 Jan 2005 15:46:29 -0800, in alt.internet.wireless , nospam
    >> <nospam@nospam.invalid> wrote:
    >>
    >>> the key here is 'with intent to defraud.' using an open network is
    >>> not fradulent.
    >>
    >
    >Sorry, I think you may be way wrong on that..

    Given that I didn't write what you quote, I'm not surprised.:-)

    >If you care to look at what the realities are, go to
    >http://www.wardrive.net/ and read up on legal implications for wardriving
    >and warchalking.

    Yes, lets. Lets read the Wardriving FAQ entry on legality and ethics:
    "What is certainly illegal is connecting to and using networks without the
    network owner's permission ". This section goes on later to also say,
    relevant to this discussion:
    "You don't always have to do anything deliberately to connect (illegally)
    to someone else's network. Some client adapters are more "promiscuous" than
    others and will hook up with any non-WEP AP that comes into range"

    Lets be clear: there's nothing illegal about discovering the existence of
    wireless networks. This is akin to tuning in your radio to some random
    wavelength, and lo! finding a ham broadcasting there. But there is clear
    illegality about accessing to a computer network you're not authorised on.

    >Of course if you want to be closed minded and keep the
    >irational attidute you have (wardriving is akin to stealing a car!?!?!?!?),
    >don't.

    Assuming you're replying to me, I'd like you to find where in my posts I've
    said the above.


    --
    Mark McIntyre
    CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
    CLC readme: <http://www.ungerhu.com/jxh/clc.welcome.txt>
  41. Archived from groups: alt.internet.wireless (More info?)

    On Thu, 06 Jan 2005 17:48:03 -0800, in alt.internet.wireless , nospam
    <nospam@nospam.invalid> wrote:

    >In article <bifrt0hgi0kt4ih15hmquvnqr3htukjdvb@4ax.com>, Mark McIntyre
    ><markmcintyre@spamcop.net> wrote:
    >
    >> On Wed, 05 Jan 2005 15:46:29 -0800, in alt.internet.wireless , nospam
    >> <nospam@nospam.invalid> wrote:
    >>
    >> >the key here is 'with intent to defraud.' using an open network is not
    >> >fradulent.
    >>
    >> This is true ONLY if the owner of the network has given permission for you
    >> to access it, and has all necessary permissions from his own providers to
    >> make such access available.
    >
    >i still say it is not fraud. it might be theft of service or
    >unauthorized use. but fraud? no.

    When you're through clutching at straws, the definition of fraud might be
    useful here: "intentional perversion of truth in order to induce another to
    part with something of value". You'll disagree no doubt, but in this
    instance you're masquerading as the legal user of the connection in order
    to gain bandwidth and by doing so you're defrauding the ISP.

    >> Perhaps you need to define 'open' before we carry on this debate as we seem
    >> to be discussing different things.
    >
    >a network with no password required to access.

    Insufficient. A house with an open door is nevertheless not legally open to
    the public.

    >> And accessing a wireless network, without the owner's authorisation, would
    >> be 'knowingly' I believe?
    >
    >if the computer picks which network (i.e. the strongest signal), then its not
    >knowingly

    I'm afraid it doesn't work like that. You are responsible for the actions
    of equpment in your control, whether you knew it was doing it or not. You
    might drive your truck down the street and crush an old ladie's poodle
    without knowing about it. You're still culpable.

    (snip example of inadvertent network sharing)

    *shrug*. That it happens doesn't make it legal.

    >> >it would be difficult to prove 'without authorization' if there is no
    >> >mechanism to authorize, i.e. a password.
    >>
    >> I'm afraid you're wrong.
    >
    >new york disagrees.

    No, new york state law is merely out of date. And if you read the rest of
    the article for comprehension, you'd see that the article itself concludes
    that its a crime in any events, due to a host of Federal statutes which
    view the matter otherwise.
    And in any events, authorisation doesn't mean keying in a password. Thats a
    computer-science meaning. Authorisation simply means being given
    permission by the owner. This could be written permission, oral
    permission, or whatever.


    --
    Mark McIntyre
    CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
    CLC readme: <http://www.ungerhu.com/jxh/clc.welcome.txt>
  42. Archived from groups: alt.internet.wireless (More info?)

    On Fri, 07 Jan 2005 23:52:21 +0000, Mark McIntyre
    <markmcintyre@spamcop.net> wrote:

    >On Thu, 06 Jan 2005 17:48:03 -0800, in alt.internet.wireless , nospam
    ><nospam@nospam.invalid> wrote:
    >
    >>In article <bifrt0hgi0kt4ih15hmquvnqr3htukjdvb@4ax.com>, Mark McIntyre
    >><markmcintyre@spamcop.net> wrote:
    >>
    >>> On Wed, 05 Jan 2005 15:46:29 -0800, in alt.internet.wireless , nospam
    >>> <nospam@nospam.invalid> wrote:
    >>>
    >>> >the key here is 'with intent to defraud.' using an open network is not
    >>> >fradulent.
    >>>
    >>> This is true ONLY if the owner of the network has given permission for you
    >>> to access it, and has all necessary permissions from his own providers to
    >>> make such access available.
    >>
    >>i still say it is not fraud. it might be theft of service or
    >>unauthorized use. but fraud? no.
    >
    >When you're through clutching at straws, the definition of fraud might be
    >useful here: "intentional perversion of truth in order to induce another to
    >part with something of value". You'll disagree no doubt, but in this
    >instance you're masquerading as the legal user of the connection in order
    >to gain bandwidth and by doing so you're defrauding the ISP.
    >
    [snip]
    >
    Bandwidth is something of value, at least to me. If this were not
    so, I would not have paid for it in the first place.

    Jumping onto someone's internet service without their consent is
    a perversion of truth. The offender is claiming it is his/her
    option to use this service as the offender chooses, and that
    doing so is by no means offensive to the rightful owner.
Ask a new question

Read More

Wireless Internet Wireless Networking