Hijacking a broadband connection

Not all wireless router manufacturers are that negligent. 2wire.com wireless routers are delivered with a unique SSID, password pre-assigned, encryption enabled, and a random encryption key assigned. These are all printed on the label on the unit, which methinks is not a great idea, but certainly better than totally insecure by default. If asked, most cheapo wireless manufacturers will proclaim that shipping units secure by default will be difficult to administer and cost too much. Well, 2Wire has been doing it successfully for several years, so it shouldn't be too difficult to emulate. Setups for the major ISP's are also built in:

Except that not everyone that cluelessly buys and implements at home is the whole IT department at work. Sometimes yes.

David.

However, nowadays a lot of security access control is handled electronically. So I think that, in the absence of evidence of malfunction or tampering, the assumption must be that an electronic security access system is acting with the authorisation of, and implementing the policies of, its owner. This should apply just as much to the case of a wireless router allowing (or blocking) access to a laptop PC as to the case of an ATM validating your 'access' when you use a Chip and PIN card to withdraw money.

He is inviting only J. Random Hacker to use it.

You are inviting the *law* *abiding* *public*!

Subtle difference... ;-)

Another, even more subtle difference, is that what *he* considers may not be what any given law enforcement agency considers. Only a few test cases can differentiate the two.

In his one specific case might well mean that nobody will be convicted (even if they might get arrested and spend a night or two in jail and have all their computers seized for a few months) for accessing *his* unsecured default network. But in general accessing such networks might, in addition to the arrest and seizure, follow with a conviction and serious jail time.

That may or may not happen to any particular person, but win or lose, *I* don't want to be the test case...

Hence "unsecured default" is not what *I* consider an "open" system or an invitation. An unsecured network with some other indication, which the SSID may or may not provide, is required.

For example, the "OpenAccess" SSID would be. Likewise any likely commercial name where it is *clear* that they might want to allow any user to access it *and* that they have the expertise to block users too. For example, I parked next to a Hilton Hotel once and downloaded a couple files off the Internet to my laptop through their open wireless access. I've also connected to a wireless at such places as Burger King.

On the other hand, if the SSID is "LinkSys", I wouldn't touch it with your ten foot antenna!

Makes a remarkable amount of sense... thanks.

Mike

--

'As I walk along these shores I am the history within'

Surely it would be better to make it as explicit as possible that you intend for the network to be available to all and sundry? Perhaps you could use a SSID like "OpenAccess", "FreeForYouToUse", or "Welcome"?

Chris

That is indeed a ridiculous analogy, because there is *no sign* which says "Free Apples Here". All there is is the unlocked back door.

Now, if the SSID gets changed from "Linksys" to "OpenAccess", then yes there is a sign... and the analogy would fit that scenario.

Please explain how that is true?

That is like saying the back door to the garage has to be camouflaged to hide the fact that a door exists.

Just as with broadcasting the SSID, if anyone actually uses that hidden door it will be spotted by everyone standing in the street watching.

Every packet sent by the AP includes the SSID in clear text; the only thing that "broadcasting" it does is provide it at a frequent enough rate that a quick scan (by someone who wants to avoid interference) will spot it. Not broadcasting it merely means the scan has to last a little longer (someone has to stand in the street watching the garage until the door gets used).

The only way the SSID is a sign is if it is something like "FREE_ACCESS". If it says "Linksys" that is no different that the lock on your door saying "Shlage" on it.

You didn't though...

That is an absurd concept!

As I said, you are claiming the garage door is an invitation if it isn't hidden with camouflage. Actually now you are claiming the entire garage has to be invisible!

You don't have to hide your garage, and you don't have to lock the door either. Anyone who takes something from the garage without permission is *stealing*.

The same is true of you wireless network. *Broadcast* is *not* what makes the network visible! It merely guarantees an identifying packet will be sent at *shorter* intervals than will happen if it is not broadcast. In either cast your SSID is unencrypted in *every* packet your AP sends.

Locking the garage is not required to determine that taking something in it is theft, and neither is any particular degree of security a requirement for your wireless network.

That is another absurd statement. Clearly if the SSID is set to be "help yourself", then it would be that. But if the SSID

*doesn't*, then it isn't. There is *nothing* intrinsic to an SSID that says "help yourself".

That is indeed *exactly* the same.

You clearly don't have any idea what the SSID is or how it works and what it does.

Not really because J Public can be reasonably expected to buy a wireless enabled laptop, take it home, switch it on, and HEY I have internet access.

Completely reasonable behaviour. Those IT literate among us know what the the internet is and how you connect to it. My mother doesn't have a clue.

I am sure that using somebody else's wifi connection is illegal but a half decent defence lawyer should have an easy time getting somebody off.

Now, if this "dumb customer" has a 1 metre parabolic dish connected to his wifi card, pointing at another house (the proper effective and much easier way to use another wifi connection, especially as you can use different ones on different days) it would be different.

I think you're missing the point, which was in reply to someone who seemed to think that an unsecured network was fair game to anybody who felt like using it. The fact that a network is unsecured may not necessarily constitute an "invitation" to use it as it may simply be unsecured as a result of its owner's ignorance. Ironically, as you've pointed out, the same general ignorance that can result in one person's property (i.e. internet service) being inadvertently vulnerable to theft can also make someone else inadvertently commit it.

The situation is a minefield, but I don't think it gives anyone the right to exploit someone else's ignorance by knowingly taking something that isn't theirs simply because the owner is unaware of how to stop them.

Rod.

Yes, *if* the ISP is able to map an IP address to a specific customer. Not all do this.

Mike

--

'As I walk along these shores I am the history within'

It's a bit different, because in this case there are many people that intentionally allow others to use their "product." While few people would invite strangers to use their car, or their house, many people do in fact allow, and even encourage, strangers to use their wireless connection.

Rather than simply associating with unsecured networks, the OS should display a warning (at least once) that the user should obtain permission from the owner of any unsecured wireless network before using it, because some unsecured wireless networks are not intended for their use. Of course there is really no way to find the owner of a wireless network.

But, in a legal scenario, should the owner's ignorance be taken into account? Should there not be the presumption that the owner/operator is responsible for correctly configuring and operating the equipment?

If someone bought a house which had a backdoor, accessible from an alley, to the garage with the sign 'Free Apples Here' affixed to it, put apples in the garage, did not remove the sign and kept the back door unlocked then I am sure they would not have any valid legal grounds for complaint if people came into the garage via the back door and helped themselves to the apples even if they never use the back door to the garage, did not notice it was unlocked and never walked along the alley so were not aware of the sign.

While this may seem a ridiculous analogy, it is almost exactly the situation of someone who (by ignorance) runs an 'open' wireless router without changing the configuration.

debatable, often you could find the IP address and hence get to the owner via ISP etc.

Phil

There is one HUGE difference.

There is no big sign saying "Free wireless connection here".

If somebody left apples in their unlocked garage, but without any sign to say they were free, then they *would* have a complaint if somebody walked off with some.

There *is* if they are broadcasting (that's they key word, right there) the SSID of the network.

Paul.

I think there should be a presumption that someone else's property, be it a physical object, access to premises, or access to a service of some kind, is NOT offered freely to all and sundry unless there is a clear indication that it is. The mere absence of active prevention should not be taken as such an indication.

Rod.

No there isn't. The SSID is simply an identification, not an invitation. The registration plate on your car isn't an invitation for somebody to drive it away, is it?

If the owner of a network has taken the trouble of changing the default setting to something equivalent to "help yourself", then that's a clear sign that they understand what they are doing and are consciously making an offer, but most network owners will have no idea of what their equipment is doing, having bought it in the simple expectation that it will just do its job. They may be ignorant, they may be naive, but what's theirs is still theirs and nobody has the automatic right to take it simply because of this.

Rod.