09 July 2005

It's incredibly easy to piggy-back on somebody else's wifi setup. However, if you park you truck outside somebody's house for a long time while doing it there's a pretty good chance you will get caught.

4 comments:

Have Opinion, Will Travel said...

Interesting issue. I suppose the trial strategy is likely to be that failure to encrypt or otherwise secure your network = authorization to use the network. It will be an interesting challenge for the lawyers on both sides to get a Florida jury to understand concepts like WiFi networking and 128 bit encryption.

Ken Lammers said...

I think that the problem for any defendant in these sort of case is that rhe router usually has a password for someone to access the internet it is broadcasting/receiving. However, a lot of people leave the default setting and therefore the hacker is able to easily gain access if he knows the default codeword. He wouldn't actually have permission, just knowledge of how to get on a poorly protected system.

loraksus said...

Actually Ken, (coughs, puts on wifi geek hat) virtually all routers are ready to go out of the box without the end user having to set any passwords.

The vast majority of the routers have SSID (aka network name) broadcast turned on - what this basically means is that the router is advertising it's presence to everyone in range. Pretty common names are "linksys", "netgear", "default", "airport" etc.
You can turn this broadcasting off in the router configuration, although pretty much everyone doesn't because they have no clue what the SSID is.
(And just in case there is any confusion, someone wanting to connect does not need to input this name, simply clicking on it is enough to connect)

On top of that, you can encrypt the network - and while someone can hack the most commonly used encryption very easily - it certainly is a pretty obvious way of saying "don't use my network".
Again, in this case, the majority of the networks are unencrypted, and as far as I understand from the mostly useless news articles, WEP was not being used in this case.

This isn't a matter of hacking into a network or a computer. It is the wireless equivalent of plugging your computer into an open network port at somebody's home / business. Creepy perhaps, but generally not seen as illegal.

In fact, some versions of Windows (left in their default configuration) will automatically connect you to the strongest unencrypted network regardless of their home ("preferred") network, so I can safely say that there are tens of thousands of people around the country who are accessing someone else's network right now without even knowing it. Wifi signals are pretty weak, and a single wall or odd angle can weaken your own router's signal enough to make your laptop switch over to your neighbor's router.

It would be pretty stupid to start making felons of them, but I really doubt that the judge - to say nothing about the jury - will have sufficient grasp of technology to make a judgment that is reasonable.

If the prosecutor fills the jury with "people who's VCRs have flashed 12:00 since 1986" and does some fear mongering, it should be pretty easy for them to get a conviction. I'm sure some of the larger ISPs or wireless ISPs (i.e. tMobile) will be jumping up and down for the chance to testify that this is evil or "theft of services" and how this exploits the children by promoting child pornography, etc, etc.

I'm guessing the PD will just get this guy to plead out to some misdemeanor offence (he's being charged with a second degree felony - on par with a repeat DWI offence and worth up to 5 years), but if this does go to trial, it would be nice to have a tech savvy judge and jury, but odds are that neither will be. An appellate court will probably have to clean up the mess.

Ken Lammers said...

I bow to superior knowledge.

I guess listening to TWiT each week hasn't brought me above the level of (semi) talented amateur.