Who needs broadband?

Posted by: Rasher on 06 May 2006

Amazingly I have never failed, wherever I am, to just turn on my laptop and log onto someones unsecured wireless network. I'm in Eastbourne right now and have just fired this up to pick up my emails, so thanks to whoever is paying for this service. I just thought I'd take a look on the forum while I'm here.
My network at home is secured, so maybe I'm just being selfish.
Posted on: 06 May 2006 by Chillkram
Funny you should say that. I've just set up a wireless network in the house about 30 mins ago. You've just reminded me to make it secure now I know it works.

Thanks, Rasher.

Mark
Posted on: 06 May 2006 by Paul Hutchings
Not sure about selfish but you are breaking the law under the Computer Misuse Act - just pointing it out I'm not saying you're right/wrong to use it.
Posted on: 06 May 2006 by Derek Wright
Ther was a case reported of a WiFIuser that was cruising and using stray WiFI and was given a prison sentence as well as having his hardware confiscated.

However when I go to some hotels that want to charge me £10 or more for a period of 24 hours broadband connection - regardless of the actual time connected or the amount of data transferrred. I can understand useres grabbing what they can.

I am similarly unimpressed of the costs charged by some of the public WiFi services.
Posted on: 06 May 2006 by Roy T
The Cloud hove into view a week or so ago but this is a pay for use type of thing although they do have a few useful locations Smile Now if only they could block the use of mobile phones in the pubs then all would be right with the world.
Posted on: 06 May 2006 by DIL
I have a wireless network at home. No idea if it is secure or not. Any pointers to web sites explaining how to set up a wireless network properly?

/david
Posted on: 06 May 2006 by garyi
David.

Log onto your router. In there will be wireless set up.

You want to set the WPA password. Make it long and complicated and write it down, remember where you put it.

Now when you next try to use the web with your lappy you will be asked for that password. Once entered you can save it so you don't have top enter it each time.

This is a simple security procedure and will cover you against 'cruisers'

Andover is totally loaded with unsecured wireless, its amazing because presumably you are not far away from some ones home folder, just using their space to use the web is no biggy, but pulling out their personal info is a big deal.
Posted on: 06 May 2006 by Guido Fawkes
quote:
Originally posted by Paul Hutchings:
Not sure about selfish but you are breaking the law under the Computer Misuse Act - just pointing it out I'm not saying you're right/wrong to use it.


How? Unless Rasher gets a warning message saying he is not allowed to use it or words to that effect then I don't see that he is breaking it.
Posted on: 06 May 2006 by Rasher
I'm not sure that you could get to anyones personal files Garyi, as surely all wireless routers come automatically with a firewall that is set up and working as a default setting. You are only logging onto their router and broadband service, not their computer.
I wasn't aware that it was a big deal to do this - it isn't like you are taking anything or doing any damage. Surely if someone is broadcasting a free connection then that's down to them. It's only like if someone left a tap running outside their house onto the pavement and you took a drink from it as you passed by, or eating a windfall apple off someones tree if it fell onto the pavement. Thing is, it's like I said, I have never failed to get a connection wherever I am when out and about, and there is no identifying where they are coming from. It may be a bit cheeky but it's nothing more serious than that.
Am I wrong? To be honest it hadn't crossed my mind that it may be illegal.
Posted on: 06 May 2006 by Guido Fawkes
Rasher

You are connected to the wireless LAN which in turn connects to the router. The router's firewall will operate on the broadband WAN interface and I doubt it will not stop one node on the wireless LAN connecting to another node on the wireless LAN.

My wireless LAN is independent from, my router as it uses an Apple Airport (Wireless Hub). As Garyl writes, to get on to it you'd need to crack my WPA password, which I change quite regularly using a password generator. The individual nodes are Apple computers and protected by their own firewalls (IPFW) - so to get to my file shares you'd need to circumvent IPFW. If you did this it may well be illegal, as you'd definitely be breaking-in.

However, if I deactive WPA and simply let you in - so if you were next door then it would adverise itself on your computer's 'Finder' as a wireless network then you could use it for Internet access. If that's all you did I can't see the harm in it.

Interestingly, Apple warns me (i.e. a message pops up) that if I share out my Internet connection then I may be violating the terms and conditions with my ISP and the ISP may cut me off. However, I doubt the ISP would know this as I do all my Internet stuff through a proxy server - so if you were sharing my network the ISP would think you were me. The way it is set up, you'd need a digital certificate to identify yourself to my proxy server to use my Internet connection.

So I don't think you are doing anything wrong (although I'm not a lawyer) as you are using wireless networks that advertise themselves on your computer and invite you to join. Not one like mine where you would have to hack-in to use it.

Regards, Rotf

BTW - driving around with a wireless access scanner is illegal, as far as I understand, but that's very different from finding by chance that a wireless LAN has advertised itself.
Posted on: 06 May 2006 by NaimDropper
Holy crap! Driving around with a wireless scanner is illegal?
You folks need to vote out all your incumbent law makers, that is ridiculous.
If someone broadcasts it you are welcome to receive it in the USA. Certain military transmissions are exempt from this, of course, but they take great pains to encrypt stuff they don’t want the bad guys to understand.
As to purposely trafficking on someone else’s node, there may be reasonable laws on this. Certainly if they have the connection for sale and you are using it for free then the owners have a beef.
If someone doesn't secure their private network with the simple and all but un-crackable 128-bit WPA codes then they get what they deserve. (Chillkram, you need to research this and secure it for your own peace of mind at least.)
David
Posted on: 07 May 2006 by garyi
The firewall will stop attacks fromt he web, not from devices on the netwrok otherwise there would be no network.

Put another way my iBook connects to my home computer via the router no problem. Luckily someone would need to know my admin password.

I do not know how to do it on a PC but its got to be at least as possible.

Access to someones bandwidth is the smallest concern if their wireless is not secured.
Posted on: 07 May 2006 by Derek Wright
To correct my comments earlier - here is the story in The Register
Posted on: 07 May 2006 by andy c
quote:
How? Unless Rasher gets a warning message saying he is not allowed to use it or words to that effect then I don't see that he is breaking it.



The offence is complete when you dishonestly attempt to access the technology. The Mens rea is that you did so knowing that if the owner was aware, they would not have let you do what you did, would they?

Law review over..

andy c!
Posted on: 07 May 2006 by Berlin Fritz
*
Posted on: 07 May 2006 by Paul Hutchings
quote:
Originally posted by ROTF:
quote:
Originally posted by Paul Hutchings:
Not sure about selfish but you are breaking the law under the Computer Misuse Act - just pointing it out I'm not saying you're right/wrong to use it.


How? Unless Rasher gets a warning message saying he is not allowed to use it or words to that effect then I don't see that he is breaking it.


Hmm.. well I'm no lawyer but presumably unauthorised access to a private computer system/network (and a router is a computer) is not allowed and is illegal by default, and isn't dependent on having a warning to tell you?

Crap analogy time but it seems a bit like saying it's alright to have a walk around my house if I leave the front door open because I didn't hang a sign up saying it wasn't?

Where it gets a bit wooly is that the act says that he has to be aware that the access is unauthorised, so I guess you could argue that you weren't aware as the access point was open.

As for the "no harm done", well yes and no, OK if all you're doing is checking a few emails then possibly not, however in this day and age of capped and metered internet access you might well be costing them money by eating into some quota.

Paul
Posted on: 07 May 2006 by garyi
If you have not secured your wireless network you leave your self open to all sorts, especially in busy areas, cities etc.

Your IP addy could be used to send spam, access dodgy porn and all sorts.

The importance of securing your home network should not be underestimated.
Posted on: 07 May 2006 by Guido Fawkes
quote:
Originally posted by Paul Hutchings:
As for the "no harm done", well yes and no, OK if all you're doing is checking a few emails then possibly not, however in this day and age of capped and metered internet access you might well be costing them money by eating into some quota.

Paul


Excellent point Paul.

If I were using a 3G (UMTS) router to access the Internet and connected that to my wireless hub then I would certainly object to anybody using it without my permission. 3G Internet access is charged by the bit and so I'd pick up the bill for them.

So you're right, as a wireless guest is unlikely to know how the owner of the subscription to the Internet access service is being charged.

Perhaps, it is good practice not to do it without permission.
Posted on: 07 May 2006 by andy c
quote:
Where it gets a bit wooly is that the act says that he has to be aware that the access is unauthorised, so I guess you could argue that you weren't aware as the access point was open.


... and that would go something like: "Well, I didn't have my own internet access, so I thought I'd try and log into someone else's"
"Was this authorised?"
"Er, I don't know"
"Did you ask the person in question?"
"No"
"So you made an assumption it was authorised, then..."
"Well, it's their fault 'cos they didn't enable suitable security measures etc etc etc"

Please.
Posted on: 07 May 2006 by Derek Wright
However if you have an open access drive at the front of the house then other peopple can drive on to the drive (or so I was told by the police) when people started to use my drive as a diversion from an obstruction in the road. I now use a work of art or an installation to reduce the useful width of the drive to inhibit the use of the drive as a bypass. So far one of the installations has been stolen in 23 years. I will report the next theft and really cheer up the local crime figures by giving it a very high notional value. After all it is an original Wright and there are not many of those around.
Posted on: 07 May 2006 by andy c
Derek,

you are right in relation to implied access to an unobstructed drive.

There is no comparison tho re implied access to a driveway and accessing an IT system for internet use.
Posted on: 07 May 2006 by Derek Wright
Andy - I was only pointing out the inconsistency of the law.
Posted on: 07 May 2006 by Rasher
quote:

Crap analogy time but it seems a bit like saying it's alright to have a walk around my house if I leave the front door open because I didn't hang a sign up saying it wasn't?

No it isn't like that at all. The connection is being broadcast out into the surrounding district, no-one is coming in to get it.
If you pass a skip in the street, is it okay to pick out a chair or something that you like and take it home, or is it still belonging to the person who "threw it out"?
I'm feeling bad about this now and I'll think twice before doing this again, but I'd still like to clear up how wrong it is, if at all.
Posted on: 07 May 2006 by u5227470736789439
Dear Rasher,

Might it not have been a case of hear no evil, see no evil andspeak no evil? Surely if you don't go invading their files and just collect a few emails, then it is no issue.

But if you start downloading illegal Polish or Russian sites for films it might be.

Not a blood-pressure raising issue in reality I would have thought... Fred
Posted on: 07 May 2006 by Guido Fawkes
Dear Fredrik

It would be OK if the owner pays a flat rate charge, but some services are charged on the amount that is downloaded - I know these are not very common, but the 3rd Generation Mobile Phone Network is an example. I set one of these up recently for a shop to use until it could get standard broadband. It also has a small wireless network. Hopefully I did a good job so it won't have unwanted users.

However, if somebody used it download his or her emails then the shop would pay for this - how much depends on the email size. In fact we already had a problem when a shop assistant decided to test the service with iTunes despite being told by the shop manager this was not allowed. We now have a white list of sites that users may access.

I agree that ordinarily it is not a problem and if a neighbour wanted to use my flat rate connection from time to time to download some emails, I'd have no issue with it.

Rasher - I wouldn't feel bad about it. You've done nothing malicious.

Best regards, Rotf
Posted on: 07 May 2006 by andy c
quote:
Andy - I was only pointing out the inconsistency of the law.



I may have got the wrong end of your stick Eek , Derek, so to speak, and If I have I apologise.

However, walking up an open driveway to someones house is not the same as accessing someones wireless network without permission IMV.

If it were the same, the case law and legislation would read the same. It doesn't, for valid reasons.

Andy c!