Wi-Fi Sniffing Question

In article , Scott wrote: :Recently, I posted on a Mac newsgroup about visiting my daughter's townhome, :turning on my Wi-Fi enabled iPaq PDA, and logging on to the net using a signal from :a neighbor's wireless router. My daughter was unsuccessful in doing the same with :her Mac Powerbook notebook. Since then I've been hit with posts calling my actions :"contemptible" and "stealing".

Those posts are not without justification.

:I often turn on my iPaq on in a mall or a business to see :if there's a Wi-Fi hotspot nearby. Isn't Wi-Fi sniffing a common practice?

But you didn't just sniff: you actively *used* the neighbour's equipment to send your traffic to the internet. Sniffing is a passive activity.

:Is there anything unethical about it?

How much does your daughter's neighbour pay in "excess bandwidth" charges? Or how much extra does the neighbour pay for an account with a higher bandwidth limit? Did you offer to compensate the neighbour for the bandwidth you used?

Hot-spots are generally set up by businesses for the use of their customers, and non-customers are generally unwelcome unless the business specifically advertises otherwise. If you went to a local store one hot summer day and you found that the store had set up a sprinkler on the lawn for customer's children to run through while a parent shopped, then would you have gone over and filled a drum with the water they were supplying, and taken it home to water your lawn?

Your email address appears to indicate that you are somewhere in the USA. We're still debating some of the fine details of FCC regulations, so we can't tell you -exactly- where the line is. The FCC regulations say with respect to the ISR spectrum that if a certain kind of frequency hopping is being used and no attempt is made to encrypt the data, that it is not an offence against -that- section of the regulations to *record* the data [it would not be considered a wiretap].

If, though, the other kind of frequency hopping or spread spectrum is being used, or there is any kind of protection at all on the data, then it is an offence under that section. There are also applicable state laws. Nothing in the FCC section that permits that one variety of frequency hopping to be recorded allows for using someone else's equipment to *transmit* your data. Our arguments are about exactly which US federal law would best apply in such a case, not about whether it is permitted.

The question we are still arguing is more or less whether, if caught, you'd most likely be charged with an FCC civil offence (potentially big fine and confiscation of *all* your computer equipment, but no criminal record), or under a minor criminal law [e.g. "Theft under $5000"] (potentially big fine; potential restraints upon your behaviour for several years such as being banned from owning a computer for 3 years; potential jail time up to 2 years less a day to be served in state prison, criminal record but no loss of civil rights), or whether you'd be charged under one of the many laws with a -potential- penalty of 2 years or more of jail time (potential big fine, potential jail time in a state or federal prison, potential permanent restraints on future behaviour; potential permanent loss of certain civil rights... because any offence with a -potential- jail term of 2 years or more is a Felony even if one is only sentance to a token overnight jail visit.)

Incidently, in Canada, the offence is clearly established in law. It used to be implicit in the computer security laws, but for emphasis they specifically enacted a "Theft of Telecommunications" offence that definitely applies to wireless. At least one person has been formally charged under the law.

In article , Peter Wilkins wrote: :I see several replies saying it is both unethical and illegal, but I :really have some doubts about that: any legislation would have to be :carefully written to avoid a successful challenge. Anyone who sets up :a WiFi system and doesn't encrypt it to restrict access could be :construed as issuing an open invitation for it to be used by anyone.

WiFi systems that are connected to the Internet in the USA fall under the classification of computer systems used for interstate commerce, and thus are protected systems for the purposes of the US Computer Fraud and Abuse Statutes. The CFAS say that anyone who uses a computer system without authorization or who knowingly exceeds their authorization is in violation; the only exception is for the case of information kiosks.

:After all, most air waves are "free to air" and you can listen to :radio and TV for free - except for police channels in some states. :Similarly, two-way HF and UHF CB repeaters are set up all over the :place and are freely accessible to anyone with a CB transceiver to :extend range. What is different about a WiFi?

In the USA, is it legal to use "cable descramblers" or hacked satellite TV cards to get subscription content for free? If not, then why not, since it's just radio waves?

You missed cell phones, by the way.

When you look more closely at the spectrum allocation, you will find that there is a -lot- of the spectrum that is only legally accessible to people with appropriate commercial or amateur licenses. Try setting up your own FM radio station and see how long your right to -transmit- signals lasts.

William,

Thank you!

Scott

William Warren wrote:

It is also illegal to listen in on cellular calls. It is legal in Canada (or at least it was a number of years back). You could go to Canada and buy a scanner that would listen in on cellular calls. But if you tried to bring it back into the United States and were caught, you were in big trouble because listening in on cellular calls is considered [in the U.S.] to be wiretapping.

Just because you can 'listen' to just about anything else, on all [except the commercial (television, AM, and FM) broadcast and on amateur radio] radio services, you are not legally allowed to divulge the contents of or use the information 'for profit'. This means (for example) that a tow truck company that monitored the police and fire frequencies [for the purpose of finding accidents or people who otherwise needed a tow] is in violation of the law for using the intercepted communications for gain. I'm not saying it doesn't happen all the time because it does. But that doesn't make it legal.

Knowingly gaining access to someone else's communication system without their approval is risky business. So, 'free to listen to whatever you want' is a relatively loose term. Listening carries responsibility.

Fred

business to see

You missed the cell phone frequencies, it used to be okay to listen but now it is illegal to listen a cell phone conversation you are not a part of. You also missed that in Virginia nd DC it is illegal to posses a radar detector. The Police even have radar detector detectors that can sense your detector and the Police WILL confiscate it and only return it to you if you come to Court. It is illegal to receive those frequencies, it is also illegal to transmit on ANY frequency an airplane uses if not for "official" airplane business. This was designed to stop people from interfering with plane to ground communications. In short, there are LOTS of frequencies that are illegal to use and activities that are illegal and just because we find them doesn't mean we can use them. I guess another analogy would be, you find a bag of money laying on the ground, it has a Banks name on it, but no one is around, are you stealing it if you pick it up and keep the money? ABSOLUTELY, and you WILL be prosecuted for Bank Robbery! Just because you find it, doesn't mean you can use it!

[snip]

Since hot spots don't usually have a sign on them saying "No Trespassing" or even an SSID that looks, for example, like "PRIVATE PROPERTY RESERVED FOR JOE SMITH AND FAMILY", I'll argue that you're starting from the premise that the neighbor -

A. Has a bandwidth-sensitive pricing plan, which is very rare. B. Can be identified and located (try it sometime, especially in an apartment building). C. Cares if someone else uses their pipe to perform a legal and innocuous activity.

.... and, by that logic, that nobody is entitled to use anything they haven't bought and paid for (and, I infer, roped off from everyone else that hasn't been able to ante up).

Sorry (and no disrepect), but I disagree. Hot spots are "generally" set up by businesses to either provide short-term connectivity (for training, etc.) or to bypass a physical restriction (such as offices in converted warehouse spaces where wiring is prohibitively expensive), and are used primarily by employees, not customers.

Non-customers (the definition of which is left as an excercise for the reader, but let's assume we mean "persons not lawfully on the premises") might or might not be welcome, but may be tolerated simply because it's cheaper to protect corporate assets by other means than it would be to implement and enforce a wireless-accessible-data segregation plan.

Not usually: water weighs eight pounds per gallon, and it's cheaper to buy it from my water agency than to hire the help I'd need to collect it, transport it, and spread it by hand. But, what the hell, I'll assume I have a magical power to lift 55 gallon drums (that's, let's see, five eights are forty, carry the four ... 440 pounds without considering the weight of the drum).

This is, of course, farfetched, and I mention it to remind the reader that there is an obvious and often-ignored difference between "impractical" and "illegal" behavior. Very few impractical behaviors are illegal (lawmakers have more obvious problems to deal with), and formerly impractical behaviors that technology makes practical and profitable - spam, for example - are eventually regulated and/or taxed to the extent needed to keep the wheels of society spinning.

Using "theft" of water as a simile for WiFi access ignores the practical obstacle to committing the "crime" - noone has, after all, outlawed theft of the Moon or attempting to suck the ocean dry with a garden hose - and detracts from a necessary public debate about our wired society and the benefits universal Internet access provides, but I digress.

Courts use a "Reasonable Man" standard when assesing damage and intent. A reasonable man would not take water than was obviously intended for another use (from, e.g., a scenic pond with fish in it) or which was clearly being kept in reserve to benefit the community (a reservoir), or which was, in and and of itself, harmful (toxic waste if properly posted).

However, a reasonable man would be perfectly justified in taking water which was prima facie in discard: runoff from a lawn destined for the storm drain, or runoff from his own roof even if from a neighboring business' sprinkler. (Questions about the reasonableness of the effort aside from the "ownership" of the water are also left as an exercise for the reader. Be warned that the problems can be amazingly tricky: ask yourself if a farmer is entitled to gather and redistribute runoff of fertilyzer-laden water from his neighbor's field, even if the runoff would or might harm a public resource such as a river. Again, I digress.)

Please cite the NPRM and specific NFR.

My argument is limited to U.S. wireless access by U.S. citizens inside U.S. borders.

The question is not "whether, if caught, you'd most likely be charged ...". The question is whether any actionable activity is taking place. If you start from the premise that anyone using something they hadn't paid for is always guilty of a crime or trepass, you ignore centuries of common law, where a "Reasonable man" would (and should) presume use is allowed.

A Reasonable Man is entitled to drink from a watering hole in the desert, no matter if it's on private land or not, provided he's a transient and the use is not excessive or for profit or damaging (and even if damaging, if his survival is jeopardized). A Reasonable Man is entitled to cross private property to achieve a necessary business end: surveyors, for example, are given priviledges to tramp and transit land adjacent to that being measured. Property owners whose land is surrounded by another's property have a de jure right to encroach the surrounding land to the extent needed to reach their own, and in some states (Oregon comes to mind) even a right to encroach private property to reach a public resourse, such as the oceanfront beach, even if other non-encroaching access is available.

The point, and I'm sorry to be so heavy-handed about it, is that there's no "absolute" right, or "legal" behavior, that does not have exceptions dictated by circumstance, custom, and practice. If you assume that access to a WiFi hot spot without a specific invitation from it's "owner" is inherently illegal and/or actionable, you ignore all common-sense exceptions to the rules of private property.

I could (and will) argue that a Reasonable Man finding an open WiFi hotspot, unencrypted, without any notice forbidding access, would be justified in assuming that its provider has chosen to contribute to a common pool of wireless access, SO AS TO ENJOY THE BENEFIT PROVIDED BY OTHERS FOR THE SAME PURPOSE.

It makes sense to me, and there's ample precedent by publicly-minded individuals and corporations: Roofnet at MIT, Mel King's wirelss project in the Roxbury district of Boston, and other less formal efforts all come to mind.

And no, I'm not constructing a straw man to justify thievery. People give away or loan or display private property all the time: examples run the gamut from things like the tire hanging in my neighbor's front yard to the formal gardens maintained by my church to the Linksys router in my home office. Their owners make them available for all passerby to enjoy, because it makes the world a better place to live.

FWIW. YMMV.

William

I see several replies saying it is both unethical and illegal, but I really have some doubts about that: any legislation would have to be carefully written to avoid a successful challenge. Anyone who sets up a WiFi system and doesn't encrypt it to restrict access could be construed as issuing an open invitation for it to be used by anyone. After all, most air waves are "free to air" and you can listen to radio and TV for free - except for police channels in some states. Similarly, two-way HF and UHF CB repeaters are set up all over the place and are freely accessible to anyone with a CB transceiver to extend range. What is different about a WiFi?

If my WiFi card can find a useable unencrypted service and log on, it does so. The only restriction is that I have set a log-on priority, so that if any of my networks are available, it will log onto one of them first - after that, anything goes.

I encounter a similar situation as you reported when I visit my daughter. As soon as I turn on my laptop, it automatically logs on to a neighbours unencrypted broadband WiFi network and I can access the Internet to browse and receive email. I can't send email through my normal server, but I can through my web server.

When the neighbour was acquainted with this situation, and advised to encrypt to protect his network, he said he "couldn't give a s--t" as he had unlimited hours and unlimited download and didn't want to encrypt, so I could "go for it". So I feel comfortable about that, but not quite so comfortable about some other situations. I can understand if someone has a limited service and had to pay for additional usage, that there could be a question of ethics in using that service without notice to the owner - but if the owner fails to encrypt or limit access, then it seems to me to be a bit like our local newspaper, which sets out papers for readers to pick up for free if they want it.

Hot spots are a different matter - you can log on to them only if you pay the necessary fee.

So my view is, if you are passing through and it is a "one off" and you are only going to download a few K in emails and never use that site again, no harm is done. If it is likely to be a regular occurrence, then it would be ethical and I think obligatory to acquaint the WiFi owner of your usage. However, if the owner then gives an all-clear or fails to encrypt, I wouldn't see any problem in continuing to use it.

In article , William Warren wrote: |Walter Roberson wrote: |> How much does your daughter's neighbour pay in "excess bandwidth" charges?

|Since hot spots don't usually have a sign on them saying "No |Trespassing" or even an SSID that looks, for example, like "PRIVATE |PROPERTY RESERVED FOR JOE SMITH AND FAMILY", I'll argue that you're |starting from the premise that the neighbor -

|A. Has a bandwidth-sensitive pricing plan, which is very rare.

The least expensive bandwidth *insensitive* plan I have found here is $C 395 per month, with a $C 2000 installation fee -- and that company can't deliver service to my area. If I recall correctly, the least expensive bandwidth insensitive plan that I can actually get at my house is $C 1185 per month with a $C 4000 installation fee. ($C 1 is about $US 0.80 at the moment.)

*Every* "residential" plan that I can actually get at my residence, from -every- provider I've been able to find in the city, has bandwidth restrictions and excess bandwidth charges. I've checked about a dozen completely independant providers (not just resellers of the same duopoly.)

I am not in a rural area: if I recall my calculation correctly, I am

3 km from the centre of the city (population 660000+, located on

-all- the cross-country long-haul data links). I am not in the top three poshest neighbourhoods, but I am in the area most in demand amongst those whose family incomes are between about $US 40000 and $US 150000 per annum -- what would probably be called "upper middle class". And two of the top three poshest neighbourhoods are very close by.

|Using "theft" of water as a simile for WiFi access ignores the practical |obstacle to committing the "crime" - noone has, after all, outlawed |theft of the Moon

Actually they have. There is a fellow in the USA who was able to successfully register title to the land on the Moon a number of years back (he went through the official land claim procedures), and now sells moon plots as a small business, and has been successful in suing other people who have attempted to offer moon plots or burial- on- the- Moon schemes. That land is *owned* in law, and that would make taking it or using it without permission an offence.

|Courts use a "Reasonable Man" standard when assesing damage and intent. |A reasonable man would not take water than was obviously intended for |another use (from, e.g., a scenic pond with fish in it) or which was |clearly being kept in reserve to benefit the community (a reservoir), or |which was, in and and of itself, harmful (toxic waste if properly posted).

Unfortunately it's done a lot, manufacturering firms sucking their water from a river, running the water through their processing plant, and dumping the water out again contaiminated. It's very hard to prosecute such cases: you have to get chemical tracers sufficient to prove beyond a doubt that the water came from the plant, and last I heard, the EPA had been specifically defunded for investigation of such matters. Some private citizens or environmental groups continue to gather the evidence, but the proof linking the clearly toxic waste to the manufacturing plant usually requires a visit to the plant to check for samples, which the plant seldom allows and which the EPA (which has the legal authority to investigate) is forbidden to spend money on persuing.

:> Your email address appears to indicate that you are somewhere in the :> USA. We're still debating some of the fine details of FCC regulations, :> so we can't tell you -exactly- where the line is. The FCC regulations :> say with respect to the ISR spectrum that if a certain kind of :> frequency hopping is being used and no attempt is made to encrypt the :> data, that it is not an offence against -that- section of the :> regulations to *record* the data [it would not be considered a :> wiretap].

:> If, though, the other kind of frequency hopping or spread spectrum is :> being used, or there is any kind of protection at all on the data, then :> it is an offence under that section.

:Please cite the NPRM and specific NFR.

I don't recognize the abbreviations "NPRM" or "NFR", but I have previously cited the exact URLs and paragraph numbers for this part of the FCC regulations.

:The question is not "whether, if caught, you'd most likely be :charged ...". The question is whether any actionable activity is taking :place.

It is. FCC regulations with a narrow exemption, the US Computer Fraud and Abuse Statutes, theft by conversion.

:The point, and I'm sorry to be so heavy-handed about it, is that there's :no "absolute" right, or "legal" behavior, that does not have exceptions :dictated by circumstance, custom, and practice. If you assume that :access to a WiFi hot spot without a specific invitation from it's :"owner" is inherently illegal and/or actionable, you ignore all :common-sense exceptions to the rules of private property.

The US Computer Fraud and Abuse Statutes are written as abolutes. There is no provision in them for "just a little" cracking or "having some harmless fun". There have been successful prosecutions (with jail term) for what many people would consider borderline at worst or harmless behaviour (e.g., inserting a "backdoor" in order to be able to bypass a security barrier so that the person could remotely undertake the work they had been lawfully contracted to do, in an organizational culture in which the person had been led to believe that no-one would care.)

If you do not know much about the Computer Fraud and Abuse Statutes, then that might be partly because on the face of them, they are written to only protect hospitals and big money (e.g., banks), and they look like they would have no jurisdiction at the local level (which would be State law or municipal bylaws.) There happens to be a clause in them, though, that activates them if the device accessed is one that is used for "interstate commerce"... which applies to any computer system or network that is used for electronic shopping intrastate, or for viewing electronic advertisements aimed at getting the reader to buy intrastate (near impossible to avoid these days), or for sending email intrastate. Computer systems and networks which are -not- covered because of that clause are as rare as the proverbial antique car in top shape previously owned by a "little old lady who only drove to church on Sunday."

:I could (and will) argue that a Reasonable Man finding an open WiFi :hotspot, unencrypted, without any notice forbidding access, would be :justified in assuming that its provider has chosen to contribute to a :common pool of wireless access, SO AS TO ENJOY THE BENEFIT PROVIDED BY :OTHERS FOR THE SAME PURPOSE.

I disagree. Anyone who has been a part of the computer culture for more than a couple of months knows that there are millions and millions of computer systems out there owned by people who don't have a clue how to properly secure their systems, or even that their systems need to be secured. When it comes to computers (taken even in the sense of embedded computers such as are in WiFi access points), if you don't have permission in advance, then the access is very likely a violation under US Federal law... with the sole exception of public information kiosks, which are fair game for anything you can do with them.

you must be one of those guys that`s always reasonable, Mr reasonable, you're not using your front yard right now, my dog will just add a little moisture, there's no reason for him to leave a plop.

Well I wouldn't want to be the first person tried for violating whatever they will call it!

AHHH...that was the point of my analogy! YOU are still going to be charged with bank robbery! YOU kept the money and didn't turn it in! That makes you an "accessory after the fact".

If you advise him and he still won't do anything about it you STILL don't have the legal right to use it. He has not told you it is okay. Maybe he is just too obtuse to recognize the problem. Don't get caught ESPECIALLY after you told him of the problem!!!

The law is NEVER more gray or lenient! It is ALWAYS black and white, laywers just want you to THINK it is grey! There are NO COLORS in the law books!

I'm not so unreasonable as to expect a dumb animal to defecate in a toilet. Humans, however, can usually be trained to accomplish simple tasks like picking up their pet's feces.

I think a sense of social responsibility sets in at about the same stage of development where children realize that sarcasm is, indeed, the wit of fools.

William.

You should properly configure your computer to prevent it doing that.

Its his fault he's not taking precautions, but you still have a duty to avoid acting illegally. An analogy might be if he insisted on leaving the doors and windows open, it would still be illegal for you to enter his house. So you must make reasonable efforts.

snip

I couldn't agree more - but not everything is quite so black and white, and I don't know that the law is yet completely firmed up regarding WiFi, particularly here in Oz where I don't think the government even knows what the term means.

That money was already lost or stolen - a better analogy would be if the bank was deliberately throwing banknotes out the window and you picked them up - can you keep them? Probably!

Of course, and if you read my original post you would note that when faced with this situation (when visiting my daughter my computer automatically logs on to a neighbours network) we acquainted him of the situation (it took a few days to find out WHICH neighbour was broadcasting) and received his blessing. But what should I have done if I had not received his blessing? He wouldn't encrypt and my computer automatically logs on to his network as soon as it is turned on. So I suppose I shouldn't turn on my computer while visiting my daughter, but why should I be penalised because someone won't take the elementary precaution of limiting access to his network?

I don't know the answer, I'm no lawyer, but I think it is not completely black or white - there has to be room for some compromise. If you take someone's bandwidth by stealth, then there is no argument in my mind: it is at least immoral and probably illegal. But if you advise him of the problem and he takes no steps to prevent it, then I think the matter should become a bit grey, and the law should be a bit more lenient.

Taking a moment's reflection, f/f george mused: | | You also missed that in Virginia nd DC it is illegal to | posses a radar detector. The Police even have radar detector detectors | that can sense your detector and the Police WILL confiscate it and | only return it to you if you come to Court. It is illegal to receive | those frequencies ...

It's only illegal in those states because no one has challenged the law and taken it to the Supreme Court. The State law against radar detectors is unconstitutional according to the stipulation that unencrypted RF band transmission can be freely received by anyone. This is why passive sniffing of wireless networks is legal, but connection (which would also involve transmitting) is illegal. However, until someone appeals the law in those states, they remain enforceable.

Taking a moment's reflection, Walter Roberson mused: | | I disagree. Anyone who has been a part of the computer culture for | more than a couple of months knows that there are millions and | millions of computer systems out there owned by people who don't | have a clue how to properly secure their systems, or even that | their systems need to be secured.

That argument kind of defeats itself doesn't it? ;-)

In article , mhicaoidh wrote: [with regard to radar detectors]

: It's only illegal in those states because no one has challenged the law :and taken it to the Supreme Court. The State law against radar detectors is :unconstitutional according to the stipulation that unencrypted RF band :transmission can be freely received by anyone.

Could you clarify which 'stipulation' that is?

UMMM....NOT! In Virginia it WAS taken to the Supreme court and it was decided in the State's favor, because to allow the reception of "those particular" frequencies "enhanced" the breaking of the law. I am not able to cite the case, but the Police do it all the time. No other States, except Michigan and the District of Columbia, have banned the reception of those frequencies while travelling, to my knowledge.

Also the free reception is NOT guaranteed! It is allowed except where the Police or other Law type organizations would be harmed because of the reception. The Law is rarely cut and dry, and is FULL of exceptions.

In article , Peter Wilkins wrote: :The software and hardware provided in my laptop by Toshiba and Bill :Gates automatically scans the 2.4 and 5GHz bands (legal you say, if :I'm prepared to take it to the Supreme Court) but then automatically :connects to the best available unencrypted a, b or g network if mine :is not available - which you say is definitely illegal. I don't think :I can stop it doing this except by turning off the WiFi card (if :anyone knows how, please post details)

At worst, turn off XP's Zero Wireless Configuration. As it says right in XP's help on the Wireless Connection page:

To disable automatic wireless network configuration

Automatic wireless network configuration is enabled by default in Microsoft Windows XP Service Pack 2 (SP2). With this setting, you can connect to an existing wireless network, change wireless network connection settings, set up a new wireless network connection, and specify the wireless network that you prefer to use.

If you are using non-Microsoft wireless configuration software, you should disable automatic wireless network configuration. To configure settings on the Wireless Networks tab, you must be logged on to this computer as an administrator.

1. Open Network Connections. 2. Right-click Wireless Network Connection, and then click Properties. 3. On the Wireless Networks tab, clear the Use Windows to configure my wireless network settings check box.