Originally posted by: nweaver
Originally posted by: smack Down
Originally posted by: nweaver
Ok, so lets talk about the laws here. For good or bad, it is YOUR responsibility to seek permission to use a resource (AP/Computer/access to the internet) NOT the owners to keep you out. This is a fact, it's the law good or bad. If you don't KNOW that you have permission, you should assume you DON'T.
802.11 association process....
Client sends a Beacon Request on all/most channels.
AP's reply with beacon information...nothing illegal here, you have not "accessed" the AP, you have done a public "shout" for AP's.
Client picks a network to connect to....client sends an 802.11 ASSOCIATION REQUEST......This is turning the doorknob on the wireless network (locked or unlocked makes no difference).
AP will either ask for the key (protected/locked door) or it won't (unprotected/unlocked door).
Assuming unprotected, you have now opened the door and walked into the private network that had it's door unlocked. You have broken the law, unless you have express permission to use said network.
Do you have any law you wish to cite when you claim it is people responsibility to seek permission to use a resource? All the laws I can find only making it illegal to use one KNOWING that you don't have permission. If you don't know one way or the other then accessing the resource is legal.
So.....if I don't know that I DON'T have permission, I can use your car, or do you have to explicitly tell me "Don't use my car!"
Originally posted by: Aikouka
Originally posted by: Golgatha
Meh, if the hotspot isn't secured then he ought to be able to access it.
I agree. If they want to restrict it to customers only, they should have methods to restrict it or a notice that is viewable to the entire range of the signal that it can only be used by paying customers. If not, how does someone know that it isn't simply provided free to anyone. The word "authorization" is a poor choice in this, because in computing, authorization refers to some sort of data being used as a "passcode." Such as your MAC address authenticating you to use a network or a username and password. Never in the world of computing has authorization referred to buying a mocha latte.
Originally posted by: nweaver
Ok, so lets talk about the laws here. For good or bad, it is YOUR responsibility to seek permission to use a resource (AP/Computer/access to the internet) NOT the owners to keep you out. This is a fact, it's the law good or bad. If you don't KNOW that you have permission, you should assume you DON'T.
802.11 association process....
Client sends a Beacon Request on all/most channels.
AP's reply with beacon information...nothing illegal here, you have not "accessed" the AP, you have done a public "shout" for AP's.
Client picks a network to connect to....client sends an 802.11 ASSOCIATION REQUEST......This is turning the doorknob on the wireless network (locked or unlocked makes no difference).
AP will either ask for the key (protected/locked door) or it won't (unprotected/unlocked door).
Assuming unprotected, you have now opened the door and walked into the private network that had it's door unlocked. You have broken the law, unless you have express permission to use said network.
Originally posted by: smack Down
Originally posted by: nweaver
Originally posted by: smack Down
Originally posted by: nweaver
Ok, so lets talk about the laws here. For good or bad, it is YOUR responsibility to seek permission to use a resource (AP/Computer/access to the internet) NOT the owners to keep you out. This is a fact, it's the law good or bad. If you don't KNOW that you have permission, you should assume you DON'T.
802.11 association process....
Client sends a Beacon Request on all/most channels.
AP's reply with beacon information...nothing illegal here, you have not "accessed" the AP, you have done a public "shout" for AP's.
Client picks a network to connect to....client sends an 802.11 ASSOCIATION REQUEST......This is turning the doorknob on the wireless network (locked or unlocked makes no difference).
AP will either ask for the key (protected/locked door) or it won't (unprotected/unlocked door).
Assuming unprotected, you have now opened the door and walked into the private network that had it's door unlocked. You have broken the law, unless you have express permission to use said network.
Do you have any law you wish to cite when you claim it is people responsibility to seek permission to use a resource? All the laws I can find only making it illegal to use one KNOWING that you don't have permission. If you don't know one way or the other then accessing the resource is legal.
So.....if I don't know that I DON'T have permission, I can use your car, or do you have to explicitly tell me "Don't use my car!"
I don't see why you keep making that same comparison. Put up or shut up show a law that makes it illegal to access a computer network without explicit permission. You will not find one. It makes sense that a user is allowed to connect to any services that does not deny him access because connecting to that services is the only means of communication the user and service have.
Originally posted by: MrPickins
Originally posted by: nweaver
Ok, so lets talk about the laws here. For good or bad, it is YOUR responsibility to seek permission to use a resource (AP/Computer/access to the internet) NOT the owners to keep you out. This is a fact, it's the law good or bad. If you don't KNOW that you have permission, you should assume you DON'T.
802.11 association process....
Client sends a Beacon Request on all/most channels.
AP's reply with beacon information...nothing illegal here, you have not "accessed" the AP, you have done a public "shout" for AP's.
Client picks a network to connect to....client sends an 802.11 ASSOCIATION REQUEST......This is turning the doorknob on the wireless network (locked or unlocked makes no difference).
AP will either ask for the key (protected/locked door) or it won't (unprotected/unlocked door).
Assuming unprotected, you have now opened the door and walked into the private network that had it's door unlocked. You have broken the law, unless you have express permission to use said network.
In my mind, the Association Request is a knock at the door, followed by an automated robot butler (the AP) saying: "sure come on in, have an IP address while you're at it!"
The configuration of the router is giving permission based on a setting made by the AP's owner. No different than a robot butler letting anyone in that happens to knock.
Originally posted by: Fox5
Originally posted by: Aikouka
Originally posted by: Golgatha
Meh, if the hotspot isn't secured then he ought to be able to access it.
I agree. If they want to restrict it to customers only, they should have methods to restrict it or a notice that is viewable to the entire range of the signal that it can only be used by paying customers. If not, how does someone know that it isn't simply provided free to anyone. The word "authorization" is a poor choice in this, because in computing, authorization refers to some sort of data being used as a "passcode." Such as your MAC address authenticating you to use a network or a username and password. Never in the world of computing has authorization referred to buying a mocha latte.
Guess the guy didn't have a very good lawyer.
Anyhow, I know my router supports a "limit access to " x " range" option, that would seem like the easiest way to stop illegal wifi access without requiring authentication for customers.
Originally posted by: BOLt
If a connection is open and unsecured, I don't see a problem with people using the connection. Yes, the coffee shop pays for the connection. No, the person in the car isn't buying coffee from the coffee shop, so the intent of the wireless connection for the shop's purposes is not being fulfilled. However, this is a minor side effect to having an open connection, and the man very well may have frequented the coffee shop to buy something in addition to using the connection. Besides, it's checking e-mail. Since when has that been a huge burden on a connection? Maybe if 1000 people were checking their e-mail at the same time, but this is just a bit absurd. I think the cops have better things to do than monitor this sort of stuff.
More inconsequential than jaywalking, IMO.
Originally posted by: Special K
Originally posted by: Fox5
Originally posted by: Aikouka
Originally posted by: Golgatha
Meh, if the hotspot isn't secured then he ought to be able to access it.
I agree. If they want to restrict it to customers only, they should have methods to restrict it or a notice that is viewable to the entire range of the signal that it can only be used by paying customers. If not, how does someone know that it isn't simply provided free to anyone. The word "authorization" is a poor choice in this, because in computing, authorization refers to some sort of data being used as a "passcode." Such as your MAC address authenticating you to use a network or a username and password. Never in the world of computing has authorization referred to buying a mocha latte.
Guess the guy didn't have a very good lawyer.
Anyhow, I know my router supports a "limit access to " x " range" option, that would seem like the easiest way to stop illegal wifi access without requiring authentication for customers.
You can restrict a wireless router's access to a physical distance? How accurate does that get? I once worked on a project involving the zigbee protocol and using the RSSI to calculate distance from a source proved to be incredibly inaccurate.
Originally posted by: smack Down
I don't see why you keep making that same comparison. Put up or shut up show a law that makes it illegal to access a computer network without explicit permission. You will not find one. It makes sense that a user is allowed to connect to any services that does not deny him access because connecting to that services is the only means of communication the user and service have.
Someone who...
(snip -- things specifically about accessing government/financial instituation systems)
(4) knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period;
(5)(A)(i) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;
(ii) intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage; or
(iii) intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage; and
(B) by conduct described in clause (i), (ii), or (iii) of subparagraph (A), caused (or, in the case of an attempted offense, would, if completed, have caused)--
(i) loss to 1 or more persons during any 1-year period (and, for purposes of an investigation, prosecution, or other proceeding brought by the United States only, loss resulting from a related course of conduct affecting 1 or more other protected computers) aggregating at least $5,000 in value;
(ii) the modification or impairment, or potential modification or impairment, of the medical examination, diagnosis, treatment, or care of 1 or more individuals;
(iii) physical injury to any person;
(iv) a threat to public health or safety; or
(v) damage affecting a computer system used by or for a government entity in furtherance of the administration of justice, national defense, or national security;
Originally posted by: TheKub
So when the Cafe, Dude, and Cop didn't know it was illegal this can still happen?
Originally posted by: nweaver
hundreds of years of private property laws. That AP is private, access to the network is private....you cannot use private property without permission. THE NETWORK IS PRIVATE!
Let me say it again, because you don't listen to anyone (it's been said before), we DON'T NEED A LAW JUST FOR ACESSING PRIVATE NETWORKS because they are PRIVATE PROPERTY and thus fall under the multitude of EXISTING laws.
Originally posted by: IcebergSlim
Police can do whatever they want. It is up to the prosecutor to prosecute or not based on the evidence. /thread
Originally posted by: mugs
Originally posted by: IcebergSlim
Police can do whatever they want. It is up to the prosecutor to prosecute or not based on the evidence. /thread
This has to be the least useful contribution to this thread yet!
Well, at least until I made this post.
Originally posted by: Matthias99
Originally posted by: smack Down
I don't see why you keep making that same comparison. Put up or shut up show a law that makes it illegal to access a computer network without explicit permission. You will not find one. It makes sense that a user is allowed to connect to any services that does not deny him access because connecting to that services is the only means of communication the user and service have.
Online services that can only be accessed indirectly work a little differently. You can't really 'ask permission' before sending a request for an HTTP page; by design, the server will respond to all such requests in some way. Unfortunately, the way 802.11 works -- if you do not want to set up encryption (which is not the simplest thing to do for non-technically-inclined people, and puts a burden on all authorized users of the network as well as the operator), there's no good way to inform people when they connect that it is not truly a 'public' network. The router just shuttles packets back and forth to OTHER systems, unlike a web server where it can directly reply with an HTTP page that explains that it is not meant for public use. But it's no different than, say, accessing an open proxy server without permission. The proxy server may not ask for authentication (in fact, unless it was set up specifically for this purpose its existence is almost certain unintentional), but you still are not allowed to use it unless the owner OKs it. I don't know where people are coming up with this "anything I'm not explicitly prevented from accessing is fair game" idea, but that is just not the way it works legally.
But even talking about HTTP web servers -- if I host a website on my own computer, and on the main/start page I put a notice saying "do not access this website without my express permission", you're not allowed to access anything else on that website even if it's not explicitly secured with passwords or other security measures (or if the measures in place are trivial to bypass; for instance, if the link on the main page requests authorization but you can access the files another way without a password).
Here is the relevant federal law:
http://www.usdoj.gov/criminal/cybercrime/cclaws.html#fedcode
http://www.usdoj.gov/criminal/cybercrime/1030NEW.htm
Someone who...
(snip -- things specifically about accessing government/financial instituation systems)
(4) knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period;
(5)(A)(i) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;
(ii) intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage; or
(iii) intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage; and
(B) by conduct described in clause (i), (ii), or (iii) of subparagraph (A), caused (or, in the case of an attempted offense, would, if completed, have caused)--
(i) loss to 1 or more persons during any 1-year period (and, for purposes of an investigation, prosecution, or other proceeding brought by the United States only, loss resulting from a related course of conduct affecting 1 or more other protected computers) aggregating at least $5,000 in value;
(ii) the modification or impairment, or potential modification or impairment, of the medical examination, diagnosis, treatment, or care of 1 or more individuals;
(iii) physical injury to any person;
(iv) a threat to public health or safety; or
(v) damage affecting a computer system used by or for a government entity in furtherance of the administration of justice, national defense, or national security;
(emphasis added; the relevant subsection is bolded)
Note that you are 'causing damage' in this case by stealing a service from the owner/operator of the network.
You can't be charged with a felony if the access cost someone less than $5,000 (although they could, in theory, file civil charges against you, as explained later in the statute).
Originally posted by: smack Down
Originally posted by: Matthias99
Originally posted by: smack Down
I don't see why you keep making that same comparison. Put up or shut up show a law that makes it illegal to access a computer network without explicit permission. You will not find one. It makes sense that a user is allowed to connect to any services that does not deny him access because connecting to that services is the only means of communication the user and service have.
Online services that can only be accessed indirectly work a little differently. You can't really 'ask permission' before sending a request for an HTTP page; by design, the server will respond to all such requests in some way. Unfortunately, the way 802.11 works -- if you do not want to set up encryption (which is not the simplest thing to do for non-technically-inclined people, and puts a burden on all authorized users of the network as well as the operator), there's no good way to inform people when they connect that it is not truly a 'public' network. The router just shuttles packets back and forth to OTHER systems, unlike a web server where it can directly reply with an HTTP page that explains that it is not meant for public use. But it's no different than, say, accessing an open proxy server without permission. The proxy server may not ask for authentication (in fact, unless it was set up specifically for this purpose its existence is almost certain unintentional), but you still are not allowed to use it unless the owner OKs it. I don't know where people are coming up with this "anything I'm not explicitly prevented from accessing is fair game" idea, but that is just not the way it works legally.
But even talking about HTTP web servers -- if I host a website on my own computer, and on the main/start page I put a notice saying "do not access this website without my express permission", you're not allowed to access anything else on that website even if it's not explicitly secured with passwords or other security measures (or if the measures in place are trivial to bypass; for instance, if the link on the main page requests authorization but you can access the files another way without a password).
Here is the relevant federal law:
http://www.usdoj.gov/criminal/cybercrime/cclaws.html#fedcode
http://www.usdoj.gov/criminal/cybercrime/1030NEW.htm
Someone who...
(snip -- things specifically about accessing government/financial instituation systems)
(4) knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period;
(5)(A)(i) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;
(ii) intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage; or
(iii) intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage; and
(B) by conduct described in clause (i), (ii), or (iii) of subparagraph (A), caused (or, in the case of an attempted offense, would, if completed, have caused)--
(i) loss to 1 or more persons during any 1-year period (and, for purposes of an investigation, prosecution, or other proceeding brought by the United States only, loss resulting from a related course of conduct affecting 1 or more other protected computers) aggregating at least $5,000 in value;
(ii) the modification or impairment, or potential modification or impairment, of the medical examination, diagnosis, treatment, or care of 1 or more individuals;
(iii) physical injury to any person;
(iv) a threat to public health or safety; or
(v) damage affecting a computer system used by or for a government entity in furtherance of the administration of justice, national defense, or national security;
(emphasis added; the relevant subsection is bolded)
Note that you are 'causing damage' in this case by stealing a service from the owner/operator of the network.
You can't be charged with a felony if the access cost someone less than $5,000 (although they could, in theory, file civil charges against you, as explained later in the statute).
Did you even read the law that posted. It is only talking about protected services.
Sorry you lose.
The access point works just like the HTTP server. if the owners want you to connect to will return a response. If the owners do not want you to use the service then it doesn't return a response to your request.
(2) the term "protected computer" means a computer--
(A) exclusively for the use of a financial institution or the United States Government, or, in the case of a computer not exclusively for such use, used by or for a financial institution or the United States Government and the conduct constituting the offense affects that use by or for the financial institution or the Government; or
(B) which is used in interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States;
Originally posted by: Vic
Originally posted by: nweaver
hundreds of years of private property laws. That AP is private, access to the network is private....you cannot use private property without permission. THE NETWORK IS PRIVATE!
Let me say it again, because you don't listen to anyone (it's been said before), we DON'T NEED A LAW JUST FOR ACESSING PRIVATE NETWORKS because they are PRIVATE PROPERTY and thus fall under the multitude of EXISTING laws.
Smackers have been dodging this the whole time. He keeps asking, "what's the difference between an AP and Google?" over and over again as though it hasn't been addressed when it has over and over and over again.
What's the difference between your house and a grocery store?
Sometimes, it's just hard for me to accept that people can be this fscking stupid. You explain to them simple, basic, accepted and highly precedented concepts, and their ideological selfishness keeps them from seeing it. I am sorry, but just because you WANT something to be a certain way to your advantage, does not make it so. And this is the primary disconnect in the socialist/communist ideology: how can you claim to value labor so highly and yet believe you have the right to steal the product of another's labor (their property) whenever you feel like it? How is that not selfish?
Originally posted by: flexy
does this ALL make any sense ?
I mean i am aware of the topic and they recently started to go HARD after piggybackers....BUT:
See it from the technicl side please !
a) If someone has an open WiFi Network and NO encryption whatseoever it is my opinion that the OWNER of the network has a certain responsibiloty TOO.
b) If i have a notebook with standard wireless network settings and HAPPEN to pick up a unecyrpted network...WINDOWS *automatically* connects to that network.
There is no WARNING given or any hint that this connection might be against a law.
I happened to see at my in-laws (OMG:.did i just say inlaws.....lol..have to tell my GF ..they live in an average suburb.
Their router/PCs lists a whole range of networks in the neighborhood and it just HAPPENED by default they connect to the strongest one showing up in the list.
When i was configuring the router i myself hooked up REPEATEDLY to some router/admin interface...and i was wondering whats going on since something didnt make sense...ad it DAWNED upon mke i am actually in the admin-GUI of some neighbours router and NOT the linksys my GF's parents had.
It also looked like at the beginning (before i started to check their network) they were not even connected to their OWN - of course unknowingly to themselves, just because of lack of technical knowledge and since Windows just connects to whats THERE, and this happened to be somewhere in the neighborhood.
So...there is no question that piggybacking is equal to stealing, becaue you DO use someone elses network and resources.
Originally posted by: smack Down
Again another useless physical world analogies. But the difference one has a giant sign announce it is open to the public the other one doesn't. Hey look your access point also makes that same announcement every second. Guess you lose on that point to.
Connecting to an open wifi network is no more stealing then connection to any other open server on a public network. If a person or company wish to give away there services who I'm to complain.
Originally posted by: spidey07
Originally posted by: smack Down
Again another useless physical world analogies. But the difference one has a giant sign announce it is open to the public the other one doesn't. Hey look your access point also makes that same announcement every second. Guess you lose on that point to.
Connecting to an open wifi network is no more stealing then connection to any other open server on a public network. If a person or company wish to give away there services who I'm to complain.
PRIVATE network. Big difference. PRIVATE NETWORK.
Originally posted by: smack Down
But isn't private because anyone can connect to it.
Originally posted by: smack Down
Originally posted by: spidey07
Originally posted by: smack Down
Again another useless physical world analogies. But the difference one has a giant sign announce it is open to the public the other one doesn't. Hey look your access point also makes that same announcement every second. Guess you lose on that point to.
Connecting to an open wifi network is no more stealing then connection to any other open server on a public network. If a person or company wish to give away there services who I'm to complain.
PRIVATE network. Big difference. PRIVATE NETWORK.
But isn't private because anyone can connect to it.
Originally posted by: smack Down
Originally posted by: Vic
Originally posted by: nweaver
hundreds of years of private property laws. That AP is private, access to the network is private....you cannot use private property without permission. THE NETWORK IS PRIVATE!
Let me say it again, because you don't listen to anyone (it's been said before), we DON'T NEED A LAW JUST FOR ACESSING PRIVATE NETWORKS because they are PRIVATE PROPERTY and thus fall under the multitude of EXISTING laws.
Smackers have been dodging this the whole time. He keeps asking, "what's the difference between an AP and Google?" over and over again as though it hasn't been addressed when it has over and over and over again.
What's the difference between your house and a grocery store?
Sometimes, it's just hard for me to accept that people can be this fscking stupid. You explain to them simple, basic, accepted and highly precedented concepts, and their ideological selfishness keeps them from seeing it. I am sorry, but just because you WANT something to be a certain way to your advantage, does not make it so. And this is the primary disconnect in the socialist/communist ideology: how can you claim to value labor so highly and yet believe you have the right to steal the product of another's labor (their property) whenever you feel like it? How is that not selfish?
Again another useless physical world analogies. But the difference one has a giant sign announce it is open to the public the other one doesn't. Hey look your access point also makes that same announcement every second. Guess you lose on that point to.
Connecting to an open wifi network is no more stealing then connection to any other open server on a public network. If a person or company wish to give away there services who I'm to complain.