Stupid newbie question about legality

You're missing a point. You can buy books that tell you how to make nuclear bombs, fragmentation grenades and toxins too.

Its not illegal (in most jurisdictions) to explain to people how to make something. The illegality comes in the use.

Get a clue?

Mark, you missed my point. We are not discussing the construction of nuclear bombs.

This whole BS argument over what is legal and what is not *WAS* all about open wireless access to the internet. (Not house burglary, not bomb making, or violating someone's priviacy.) It got started with my reply to the original post. I told the guy to use the free and open connection and assume it was OK unless he was informed otherwise. I was promptly told how illegal that was and how immoral I am for telling him that.

Then I see a popular Mac Magazine promoting that very thing.

Someone around here has a bad case of "holier than thou". (there are a few like that in every group - I am not referring to you, Mark)

William Lee

This article, and others from you, are filled with personal remarks that have *nothing* to do with the topic under discussion.

RF layer... maybe. MAC? nahhh.

We should also note that none of the third party firmware packages available for Linksys or other similar Broadcom based boards actually modify the program that controls the RF module (at least as far as I know, but I haven't seen Sveasoft's Talisman, nor the latest Talisman source code that DD-WRT is using). That's a proprietary program from Broadcom which is

*not* provided as source code.

Hence we wouldn't want to infer that the above means that using the various third party firmware packages is illegal.

But it is an interesting perspective, because I was somewhat annoyed that that specific program was only distributed as binary object files to be linked. But this does suggest one reason Broadcom might be doing that, while releasing all of the other source code.

However... I doubt that applies to the firmware which runs the motherboard that controls the radio. It certainly does applies to the firmware *in* *the* *wireless* *chipset*, and maybe only to that firmware.

Hence even if someone disassembled the Broadcom program and proceeded to reverse engineer another program to control the RF section, I doubt it would affect the type certification.

And there *are* people who want to stretch to that far too!

The logs probably are! I'm not sure about disclosing lists of SSID's though, because that is a "broadcast" intended specifically for third party interception.

Anything that requires diddling with data packets, and any information derived from them... definitely verboten.

Nahhh... only a small minority.

Permit me to add some fuel to the fire.

Attaching an external antenna to a Part 15 device is illegal unless is was type certified with the device. You may attach a different antenna, as long as it's the same general type and has equal or lower gain.

Modifying a Part 15 wirleless device internally in any manner that affects its type certification is illegal. That includes customized firmware that controls the RF and the MAC layer.

Liberally interpreted, the use of any decryption software is illegal according to the DMCA (Dismal Millenium Copyright Act) as it *MIGHT* be used to pirate copyrighted material. This is probably a stretch, but not impossible.

Interception of radio signals and disclosing them to a third party or using the info in any manner is strictly illegal. That includes posting Netstumbler logs to web sites and disclosing the results of war driving.

So, perhaps 50% of the technical recommendations in this newsgroup break FCC rules and regs. Whether anyone really cares to enforce the rules and regs largely depends upon political agenda and the authority's need to "set an example".

The offense rests...

"Floyd L. Davidson" wrote

Floyd, your statement is really stupid. What can you possibly support that statement with? Did you even SEE the article I am referring to or is this just something else you want to show you superior knowledge and debating skills?

If you make a directional antenna from the magazine plans and then drive around looking for WiFi hotspots like they suggest in the article ... how do you determine if you are welcome when you find one that is open.

The guy I replied to here did just about that. He hung a antenna outside his window and found he could connect to the internet via an open wireless connection. He then asked the question here if that was legal and moral to do so.

How can you tell the difference between a wireless connection that you are welcome on and one that you are not? If it is incripted or requires a password it a no brainer ... stay out! But ... if it is in the open then it can be assumed that you ARE welcome to use it.

I think it is whole thread is more an issue that you just like to argue with people. Nothing wrong with that ... if you use a grain of common sense. Tossing out remarks of a personal nature instead of debating the issues is the sign of a very small minded person.

Like I said to Mike, there are one ot two like you in every group.

William Lee

Out of all I typed in my reply to you ... is that all you responded to?

Like I said ... there are one or two like you in every group.

William Lee

Seems to me like a more accurate analogy would be cutting across a neighbor's property. If the neighbor doesn't put up a fence (or even if he does), it's still trespassing. The problem really arises when the trespasser decides to cut across with a bulldozer (or want's to cut thru your living room and grab a few things along the way).

The trespassing charge (as applied to private property, not a corporate site), while still a crime, is a pretty low level crime. Doing mischief (or stealing stuff along the way) is far more serious. If you're using an open AP to simply read a few emails and haven't inconvenienced the owner in any way, I view it as simple trespassing, like cutting across a neighbor's unfenced yard. Yeah, technically illegal, but no harm done.

Anything more than that, and it's no longer simple trespassing. And from all the things I've read here, it sounds like the courts and commissions are more concerned with focusing on the mischief or criminal intent part of the ruling.

Connecting to an unsecured network MAY be against the law, but I think anyone arrested because of it would be primarily charged with intent to do damage, rather than simply the act of connecting.

My stance ain't necessarily the legal viewpoint, but maybe it'll make some of you think a little bit harder about a possible solution. All the views presented here certainly gave me some things to think about. The moral and legal ramifications of this problem area are certainly large.

Harvey Gerst Indian Trail Recording Studio

Ummmm... How about:

1. Adding additional channels now authorized in the USA?
2. Increasing the power level to the point of breaking the occupied bandwidth specifications?
3. Increasing the aggressiveness of the backoff algorithm to insure that your radio belches its packets immediately after a collision?
4. Increasing the SS duty cycle to transmit more often than what the FCC specifies to allow it's version of a "fair share" of airtime alogrithm?

I've seen all these in either distributed alternative firmware or patches submitted by users.

Sorta. I've looked at Alchemy and HyperWRT source. The defaults are the same as Linksys. However, the linkable libraries and API accept parameters from the user that could easily create a violation of FCC rules, 802.11 standards, or good practices.

Would you conceed that it's an enabling technology that allows the average hacker with a compiler to create a device that would not pass type acceptance? Using all the defaults, it might pass, but tweaking any of the exposed timing, frequency, and power parameters would certainly cause trouble.

You can get it from Broadcom with an NDA and developers license. Part of the restrictions is that you don't pass it on, post it, decompile it, or otherwise leak it. I'm suprised the Broadcom hasn't yelled about it, but with $500 million sales in the first quarter of 2005, methinks they don't want any bad publicity by taking on the open source horde.

I don't think the Broadcom was the one that leaked it. I think Linksys/Cisco screwed up when they initially released the source code under GNU license.

I dunno. Anything that affects Part 14 operation is theoretically illegal. Where the culprit is located is IMHO not important.

Without doing the measurements, nobody can be certain that the new and improved firmware didn't do something disgusting. The FCC required that a device be recertified if anything that affects the emissions is changed. That includes the wall wart, antenna, and substantial packaging changes.

I could dive into Part 15 and find the chapter and verse, but I'm burned out tonight. We had a power glitch the reset the firmware settings in my neighborhood access point and two DWL-900AP+ client radios. I don't need this kind of problems. Grumble.

Ok, let's split hairs. Netstumbler works by transmitting a probe request and waits for the access points to respond with a probe response. There's no requirement for the access point to broadcast anything. The SSID just happens to be the same in a broadcast as in a probe response.

I'm not sure if the 3rd party rule includes information *ABOUT* the transmission, or the transmission itself. I do know that the FCC got one someones case for disclosing the frequency of interception without also disclosing the content. I guess that would be included as information about the transmission, but I'm not sure.

Well, my list of commonly posted illegal recommendations include:

1. Excessive gain antennas.
2. Alternative firmware with excessive power, additional channels, and creative timing.
3. Software that captures or identifies users or content for the benifit of a 3rd party.
4. Recommending configurations that exceed 15.247 EIRP limits.
5. Jamming proceedures. I can probably generate a count with a grep through the news spool directory tree, but I don't really wanna burn the time. Of course, I'm part of the problem, having recommended war driving software, big antennas, (not power amps), and alternative firmware.

Floyd is more by the book, Jeff is more LearnByDestroying.com.

I don't know that I accept legal opinion from either of them. They have different approaches to RF solutions in this group.

Part 15 intentional radiators (transmitters) are type accepted as a system. That includes the power supply, antenna, ethernet cable, and usually a laptop. Checkout any of the test setups on the FCCID pages.

The specific chapter and verse governing modifications has been changed and clarified about 6 months ago. See 15.204(c)(4) |

mutters about replacement antennas:

15.204(c)(4) Any antenna that is of the same type and of equal or less directional gain as an antenna that is authorized with the intentional radiator may be marketed with, and used with, that intentional radiator. No retesting of this system configuration is required. The marketing or use of a system configuration that employs an antenna of a different type, or that operates at a higher gain, than the antenna authorized with the intentional radiator is not permitted unless the procedures specified in Sec. 2.1043 of this chapter are followed.

That means you can hang on a new antenna if:

1. It's the same type (omni, dish, yagi, patch, whatever) as the original.
2. If it has equal or less gain as the original.

Strictly speaking, that makes all pringles cans, biquads, and big dishes illegal unless the access point was type accepted with something like the replacment antenna.

Sure. They also made a muddle out of the use of multiple polarization on FM, the power for SCA carriers, and the mess of engineering calculations necessary to license an FM broadcast xmitter. Any sane engineer would just set a limit on total EIRP and let the station decide where it wants to dump its power. However, the FCC is not run by engineers. It's run by attorneys and politicians who have a different perspective.

For 2.4Ghz it's easy. For 5.7Ghz, it's a mess. For 2.4Ghz point to multipoint, 15.247 sets a maximum of 1 watt (+30dBm) into +6dBi omni or +36dBm EIRP. For point to point, it's a complex mess that allows a reduction of 1dB in power output for every 3dBi increase in directional antenna gain. I don't wanna even try to explain this months 5.7GHz rules.

Ummmm... I'm not sure where you got that idea. The rules are mostly EIRP which can be calculated much easier than measured.

Exactly. I have quite a bit of experience with WRB enforcement actions and proceedures. Nobody cares until some VIP complains. Then, the roof falls in.

There isn't a service that doesn't have its violators. However, if you really wanna see what the WTB enformcement burrow spends its time on, check out:

you dig through the list of enforcement actions and NAL (which I do), you'll find an awful lot of "failure to post license" and "tower lighting" type of violations. Them are easy money.

Sure:

the 23cm band.

Change that to ..."not authorized". I gotta hire me a new proof reader.

"Jeff Liebermann" wrote

Jeff, I don't know if directional antennas for wireless networks need to be type accepted. Some wireless devices come equipped with external antennas and directional gain antennas are certainly for sale to use with them. Certainly any transmitter (or any device that could radiate RF) sold commercially needs to be.

I do know that the FCC used to limit the power output of transmitters on the FM broadcast band but they changed that wording and made it a signal strength limit at a specific distance from the antenna to really put a limit on how far someone could legaly transmit a low power signal. I don't know if that type of field strength measurement is applied to wireless network transmitters or if they just limit the power output of the device. If all that is regulated is the power output and purity of the transmitter then any type of antenna would be legal.

I admit ... all this is really splitting hairs and picking nits. About the only reason the FCC would even become aware of any such activity is if it caused interference to other services and/or was reported as part of a complaint. CB'ers in the USA ran excessive power for a long time and some still do. Hams sometimes run more than the legal limit allowed by the FCC. It never seems to become a real problem until there is a complaint filed.

Isnt there a ham band covering the 1.2 Ghz?

Wiliam Lee

Done with the Broadcom proprietary program, which is not changed. And controls the RF layer.

Same. Though I'm not sure that can even happen... given these things have a maximum output of 251mW.

Insignificant as far as legality/type certification goes.

Does the FCC specify that? Does the firmware allow it to be changed? (I don't know on either count. If it does though... that would still be the proprietary program.)

Really? I haven't. I've seen people mentioning what is

*already* available in the Linksys firmware if you merely know how to use it! All the third party firmware is doing is making it very easy to use.

(Note that I haven't seen a lot of the sofware... but I have looked at Linksys 3.03, Sveasoft's Alchemy, DD-WRT's prefinal4, and the most recent CVS dump of OpenWRT. I've compiled and run all of those, plus I've loaded pre-compiled binaries for some others, like HyperWRT and Sveasoft's Satori.)

Yep, I'll grant that the "easy access" provided definitely makes illegal configurations easy. But the Linksys firmware allows all of that too; it just doesn't give a nice web page interface to do it!

No. I'd say it allows a far _less_ than average hacker, even _without_ a compiler, to easily configure the device beyond what is allowed by the FCC! I'm not sure that it affects the type acceptance status though, given that nobody is *selling* them with such firmware loaded (which would require it to be type accepted with it installed). Once someone owns one, they are quite free to do many things that can't be type accepted, and not all of them are illegal either.

But it definitely puts it in the same range that 10 meter ham band amplifiers were back when CB first came along! An open invitation to abuse the rules... and not have to worry because the FCC is definitely going to ignore it anyway.

I don't understand. First, an NDA agreeing not to "decompile"? If they give you the source code, what's to decompile?

Second, what is there for Broadcom to yell about? Nobody has decompiled it that I know of, and nobody has released the source code that I know of.

We're talking about the /wl/ program, to get very specific. It appears there may be some new programs available though. It looks like OpenWRT uses something they provide source code to, but it is much more limited than the /wl/ program from Broadcom. I haven't seen what Sveasoft is actually using, but the comments that Sebastian Gottschall (who does the DD-WRT firmware) has posted in various places indicate he has source code to some new Broadcom drivers, and I don't know if that is or not included. It wouldn't make much difference to him anyway, as he lives in Germany...

Except they didn't provide the source code to the proprietary programs. As noted previously, all you get for /wl/ is a directory filled with *object* files, and one or two source files that are system specific glue to tie it all together, along with a Makefile to link them.

Another oddity is that Linksys did *not* add a GPL notice to the various Broadcom source code that they did release. Most of it is marked as "unpublished" and so on, copyrighted by Broadcom, for whatever that is worth. But it is *not* GPL'd. I don't recall a single file that Linksys released to which they have

*added* the GPL. (Which means if they *used* a GPL file, it is still GPL'd. The reason they were required to release anything at all was because they did in fact use a great deal of GPL's code. That was the only part they were required to release. I suspect they released the rest of it as part of the concent agreement, but I don't know that.)

Of course, one of the more hilarious things I've seen in WRT54G source code is a copyright notice by Sveasoft attempting to put something under the Apache license with a specific notice that it

*cannot* be re-released under the FSF's GPL. (Specifically, it appeared at least at first glance that Sveasoft violated their license... :-)

I've also seen several files, from more than one distribution, which have lost their original copyright notices along the way too. That is just extremely sloppy...

But then again... all of it right from the beginning is fairly sloppy! The Linksys released code compiles out of the box with

*obvious* bugs that the compiler even flags! I just fixed one today that had something like,

char buf[50]; sprintf(&buf, ...);

Which the compiler complained about.

Could be. I'm not sure that is the case though.

I do know that type acceptance of the interface devices for telephone lines are an example where that is *not* the case. You can buy a type accepted device, and then proceed to rip out the innards and do whatever you like to it. The FCC does *not* regulate what the consumer does with it, only what the manufacturer is selling.

Radio transmission is different though, but since it is unlicensed I'm not sure there is much difference. It is illegal to do things without a license that require one, and it is illegal to do things that your license doesn't permit. But this is *unlicensed*. A whole different game. (Except for people with a commercial operator's license, where it gets real tacky...)

Recertified *if* it is to be marketed with that firmware installed. That has nothing to do with a customer doing a little knob twisting.

You're getting carried away. The wall wart and packaging? Nahhh... And unless they are dumb they've certified it with an antenna that has significantly more gain than the ones they sell it with, thus making it quite legal to use a high gain antenna. (I don't recall the specifics, but isn't it allowed to run these things with some god-awful power/gain that is far more than a

1/4 watt output device can achieve anyway?)

Well, first things first Jeff, get some rest. But we want that report posted tomorrow morning before noon, okay??? ;-)

If it's only the SSID that gets listed, I don't see a problem. It's when the packets get disassembled looking for information intended *only* for the device that is connected that it becomes illegal.

Only the information transmitted. Things like the frequency, modulation type, etc. are not protected.

I'd have to see that one... Unless the data was obtained from another transmission which indicated what the frequency of a separate transmission would be, I can't see it. Never know though... the FCC certainly goes off in some strange directions these days...

I'm not sure we've seen one. It's hard to tell if it is legal or not.

Not illegal. Using it incorrectly might well be illegal, but installing it is not. And I haven't seen anyone suggest using any of those.

Yep. We certainly do see that once in awhile.

Yep. Not often, but it does happen.

Yep. Again, that's mighty rare, but does happen. As opposed to the two above, this one usually results in someone pointing out the legal status too.

I know some people who'd be happy to escort you to the poogie Jeff, if you are volunteering.

Not that they have anything against you in particular, they just like throwing people in jail...

(everything up to here snipped)

It's interesting that nospam brought up New Hampshire, because they also passed a law specifically outlawing the practice of taking pictures or shooting video through someone's window, even if you can clearly look right in. So much for the legality of the public property / plain sight argument.