Using a WiFi hotspot illegal?

MiXdNuTs

Gawd
Joined
Aug 9, 2002
Messages
832
Ok, to fill in the background, read this thread which has now been closed: http://www.hardforum.com/showthread.php?t=813169.

I don't believe that it is illegal to use a wireless hotspot if it is unsecured so long as you don't do anything that breaks any other laws. The users setup their wireless hardware to BROADCAST network availability and do not restrict who can connect. Also, two of the hotspots are from fraternities and they put them up as a public service.

My main point is that as long as you don't crack encryption, spoof a MAC address, or commit any other type of fraud, connecting to Joe Neighbor's wireless router is not illegal. Right?
 
You are accessing a private network without authorization and stealing their bandwidth.

If you have permission, you're fine. If not, it's illegal. In the thread linked, it's illegal.
 
Bad, bandwidth theft is just bad...bad..bad....I don't think you would like someone running an ethernet cable from your router to his house. Same idea, don't think you would like that too much huh?
 
I'm not a lawyer or anything, so this might not be 100% correct, but it's on the books.

From the information I have, in the state of Kentucky it is a misdemeanor to knowingly and willingly access any computer or network without authorization. The moment you exceed $300 dollars in damages to the victim of your attack or commit any kind of fraud over the victims network or anything otherwise illegal, it becomes a felony. Keep in mind that disruption of service, which is what you're doing if you're leeching their bandwidth, can count towards damages.

So to answer your question, yes it is illegal.

Unless you want to risk jail time or probation, just dont do it.

You should be able to find the documentation yourself by looking up the Computer Crime Statutes for your state.

Just some advice here, take it if you want to...but I'd stop bringing this subject up. It's illegal, end of story.
 
Deepending on where you live, its Illegal or Legal (One state in the USA said if you don't secure it, its your own damn fault)
 
If your neighbor doesn't lock his doors, and his fridge is open and full of beer, is it ok for you to walk in and take his beer without his permission?
 
Karandras69 said:
Bad, bandwidth theft is just bad...bad..bad....I don't think you would like someone running an ethernet cable from your router to his house. Same idea, don't think you would like that too much huh?

You couldn't be more wrong. Although I was asking about this for my friend, I have a hotspot setup at my house where I let my neighbors connect so long as they don't file share or do anything else illegal.

Also on a side note, Lexington, Ky. has been recognized as having the most hotspots for a city of it's size. The University of Kentucky already provides free wireless Internet access to about a fourth of the city, and the local government is already working to setup free WiFi (paid for by one popup when you logon) for the rest of the city because the ghettos were upset that they didn't have free WiFi also. The city is also planning to use WiMAX when it becomes available in a few years. :cool: Thats where I am comming from and why I have been sort of surprised by how negative you all have been towards the idea of sharing WiFi acces. I guess I just come from a place where sharing is more accepted.

I didn't want to upset anyone. :)
 
jimnms said:
If your neighbor doesn't lock his doors, and his fridge is open and full of beer, is it ok for you to walk in and take his beer without his permission?

In response to your provoking comment, entering someone's home and stealing property from this is always wrong. However, I think it is different when a signal, originating from their home, entery another person's home, they have the right to recieve it. I know of a FACT from my Telecommunications Law classes that it is 100% legal to do something like say, intercepting calls from cordless telephones, because they give up the right to privacy when they start broadcasting on frequencies that belong to the public.
I DO think thats wrong though, but its still legal.
 
In the situation you are now describing properly that will be fine. You are allowing your neighbors to share your connection so there shouldn't be any legal issues with you doing that.
 
MiXdNuTs said:
...I know of a FACT from my Telecommunications Law classes that it is 100% legal to do something like say, intercepting calls from cordless telephones, because they give up the right to privacy when they start broadcasting on frequencies that belong to the public.
And likewise, it's legal to intercept their SSID broadcasts. Use of their network, however, which must travel through their private property at some point, is illegal. There's your differentiator.
 
lomn75 said:
And likewise, it's legal to intercept their SSID broadcasts. Use of their network, however, which must travel through their private property at some point, is illegal. There's your differentiator.

I am well aware of this point, but I am still not sure if it is illegal because no illegal measures are taken to gain access to the network and no computers within the network are accessed. My main point of that post was to strike down that guys claim that gaining WiFi access from someone else was the same thing as stealing from inside their house.
 
personally I think if you are doing it without their consent it should be illegal...

QJ
 
QwertyJuan said:
personally I think if you are doing it without their consent it should be illegal...

QJ

I'm not so sure. I think that it is your own darn fault if you don't enable WEP or MAC filtering on your network. Think how many laptops will automatically connect to a wireless network when you power them on (including mine). Would you mind going to jail because you played a game of Tetris in the park and accidentally connected to someone's WLAN? I feel that it should be illegal if the hotspot has security preventing access, but if it's wide open then what? Think.
 
Intent: You know it's not YOUR AP that you are connecting to. Further, and irrelevant to this discussion, you know it belongs to someone else who is unaware that they are giving out free access.

Once you know it's not your network you are connecting to, and you do so any way and start trading data back and forth, it's illegal, but more importantly, it's morally wrong. Because they left it wide open is completely missing the point, it'd be no different if you had to figure out their WEP key to get through.

Quite frankly, I'm shocked by the sheer number of questions of this nature. I know 5-year olds who have enough moral backbone to understand the difference between right or wrong, or if they don't, they ask. Instead of starting a thread in the hopes that everyone will agree with you and make you feel better about doing something you know is wrong.
 
Interesting discussion. I think I will bring it up into the duscussion in one of my telecom classes.
 
MiXdNuTs said:
I am well aware of this point, but I am still not sure if it is illegal because no illegal measures are taken to gain access to the network and no computers within the network are accessed. My main point of that post was to strike down that guys claim that gaining WiFi access from someone else was the same thing as stealing from inside their house.
Bandwidth, though. It's unauthorized use of network equipment and services, not just computers.

But yeah -- I considered the walk-into-a-house analogy but discarded it as it doesn't quite fit. Close, but not quite.
 
MiXdNuTs said:
In response to your provoking comment, entering someone's home and stealing property from this is always wrong. However, I think it is different when a signal, originating from their home, entery another person's home, they have the right to recieve it. I know of a FACT from my Telecommunications Law classes that it is 100% legal to do something like say, intercepting calls from cordless telephones, because they give up the right to privacy when they start broadcasting on frequencies that belong to the public.
I DO think thats wrong though, but its still legal.

Im sure you could make a strong argument for intercepting wireless transmissions, but sending rf data to their wireless access point requesting their router to send data from the internet to your machine is clearly more than recieving a signal.

Its illegal to use anothers computer without their permission, no matter the medium.
 
I suggest you read my post in this thread.

In a nutshell it states that depending on where you live you might be in the clear, or you might be breaking the law. Some States are pushing the idea that open = implied free access, whereas others have taken the opposite approach and consider accessing an open AP without expressed permission as a violation of the law. Which laws you may be in violation of would depend on where you're at.

These questions are truly best left for a lawyer in your area. If you really want to know your neighbor's intent then just ask them.
 
In Utah, all I know is that if you have a wifi AP open that someone is able to get into and they do shit like download kiddie porn or file share over your connection, you aren't responsible.

If the RIAA tries to sue my ass for sharing files when it was my neighbor jacking into my AP who did it, I don't want to be held responsible for it. I may know shit about computers but Granny Average doesn't know what the hell MAC addresses, SSIDs, WEP and 128bit encryption keys are all about. She just wants to get on the internet with her laptop to do her email on the back porch without wires tying her down.

Getting into an open AP and leeching off someone else? Immoral but I'll still do it if I have to. Like getting directions off Mapquest when I'm in a bind or things like that. But I like to choose public WiFi APs for leisure activities. If only there were an identifier for public APs so we could have NetStumbler et al tell us which ones were open for everyone...
 
MiXdNuTs said:
You couldn't be more wrong. Although I was asking about this for my friend, I have a hotspot setup at my house where I let my neighbors connect so long as they don't file share or do anything else illegal.

Also on a side note, Lexington, Ky. has been recognized as having the most hotspots for a city of it's size. The University of Kentucky already provides free wireless Internet access to about a fourth of the city, and the local government is already working to setup free WiFi (paid for by one popup when you logon) for the rest of the city because the ghettos were upset that they didn't have free WiFi also. The city is also planning to use WiMAX when it becomes available in a few years. :cool: Thats where I am comming from and why I have been sort of surprised by how negative you all have been towards the idea of sharing WiFi acces. I guess I just come from a place where sharing is more accepted.

I didn't want to upset anyone. :)

I bet thats against your ISP's agreement with you, and I'm sure if someone uses someone elses wireless signal, then they would be in violation of their agreement with their ISP. One household per service account. Therefore your connection is wrong. This was covered pretty well over here as well http://www.hardforum.com/showthread.php?t=778890&highlight=wireless.
 
Unless you have express permission, in most cases written permission, it can be considered Theft of Services, not by the owner, but by the provider (i.e. att/mci/us-west/roadrunner).

Now you might have a way out, if the wireless access point is named something to the effect that it is open, for example here are a few open access points in Germany.
SurfHereForFree
OpenToAll
FreeForUse
KTownParksOpen (yes there is a KTownParksClosed that is encrypted)


But unless it has something like that, I would not chance it.
 
OldPueblo said:

Your search skills are better than mine. That's the thread I originally wanted to reference. Read my posts in it and you'll see the predicament that an open AP can lead to.

Since many cities are now offering free open access, how is one to differentiate between intentionally open access and an accidentally open AP because they just brought it home and plugged it in without reading the documentation? This is why the responsibility is seen as being placed on the owner of the AP in many instances. From a legal standpoint it puts things into a grey area. If caught, you can always claim that you thought it was public because there was no indication that it was ment to be private (i.e. encrypted or locked up in any way). Given the public nature of the signal, this would be the correct assumption based on historical uses of the public broadcast radio specturm, which is where WiFi falls into. Think radio and broadcasted TV, which are free for all to access. If you were ment to be a paying subscriber, or simply not allowed to view it publicly, then the stations have to encrypt the signal (i.e. XM radio, satellite TV, etc.). This is the deliniation between free and private signals--the owner must do something to prevent public access. Without doing so, they've opened it up for all to access. If their service provider has rules against sharing the connection, or someone downloads kiddie porn, then the responsibility falls on the person who owns the AP. The whole theft of service issue is not valid for open APs. If you were to hack the signal, then it'd be a theft of service issue like people who use chipped satellite receivers to leech DirecTV.

What muddies the issue is the computer crime laws that some States and federal statues that have been created for network use. These often fly in the face of the historic use of the public spectrum. This is why many States are looking at modifying their laws for wireless usage. Personally, I think they're all moot when it come to wireless since the FCC is the ultimate guardian of these signals and will be who the courts look to for their explanations. From a signals standpoint, they'll more than likely tell the court exactly what I've written in the paragraph above. What the FCC decides, and has already decided to be the case for the last 20 years is that public is okay to use and that private is not. If you use a private signal without permission, then I'm sure they'll be more than happy if the court throws the book at you.
 
if you think that theft of services is a non-issue, get a 2.4ghz cordless phone, and search of a channel that is open with dial tone, with out hooking up your base station, and yes you can do this, because my home phone works great with my buddies base station, (different apt but same complex) and I know I would have a case if he made calls on my line, or if I made calls on his line. Just because it is in the FCC Public spectrum does not mean that there is not a possibility of theft.

Granted if a user is not smart enough to secure it, you might have a way out, but if are wardriving looking for access points, and you do not have your ip stack turned off you could get in a lot of issues, with electronic trespass issues. But that’s not the point, the point is that it is not moral to do this, unless an access point is setup specifically for open use, and it is advertised as such, via SSID name, or posted sign, keep off them.
 
You're reading that differently than I did.

Accessing any network or computer without authorization is a misdemeanor, according to what I read. Commiting a more serious crime, or causing 300+ in damages makes it a felony.

A misdemeanor is still a crime.

Perhaps you should read those again.
 
dagamore said:
if you think that theft of services is a non-issue, get a 2.4ghz cordless phone, and search of a channel that is open with dial tone, with out hooking up your base station, and yes you can do this, because my home phone works great with my buddies base station, (different apt but same complex) and I know I would have a case if he made calls on my line, or if I made calls on his line. Just because it is in the FCC Public spectrum does not mean that there is not a possibility of theft

In this instance I think you've got a better shot at suing the vendor for failing to protect your line by securing the base-station than by going after someone else who's merely using the same brand. If your neighbor did it by accident by inadvertently using your service (hey, the phone was on the same frequency, how's he supposed to know to vendor failed to authenticate the handset to the base-station to which it belongs?) would you still hold him or the vender responsible? Common sense and past civil precedents would say that IF anyone was to be held responsible that it'd be the manufacturer. This is exactly the sort of reason why frequency-hopping and base/handset keycode authentication exist today.
 
BobSutan said:
In this instance I think you've got a better shot at suing the vendor for failing to protect your line by securing the base-station than by going after someone else who's merely using the same brand. If your neighbor did it by accident by inadvertently using your service (hey, the phone was on the same frequency, how's he supposed to know to vendor failed to authenticate the handset to the base-station to which it belongs?) would you still hold him or the vender responsible? Common sense and past civil precedents would say that IF anyone was to be held responsible that it'd be the manufacturer. This is exactly the sort of reason why frequency-hopping and base/handset keycode authentication exist today.

Is it just me, or did your lanwars site get hacked? Maybe you forgot to lock down your AP? :p
 
All threadjacks aside, it looks like our server hasn't been patched like it was supposed to be. Our web admin is working with the host this very minute to get the software patched and up to date. This is the 2nd time in a month this has happened. On the bright side we're supposed to get 3 months free due to the incident. I wonder if the 2nd hack will give us another 3 months free?

/threadjack
 
dagamore said:
Unless you have express permission, in most cases written permission, it can be considered Theft of Services, not by the owner, but by the provider (i.e. att/mci/us-west/roadrunner).

Now you might have a way out, if the wireless access point is named something to the effect that it is open, for example here are a few open access points in Germany.
SurfHereForFree
OpenToAll
FreeForUse
KTownParksOpen (yes there is a KTownParksClosed that is encrypted)


But unless it has something like that, I would not chance it.

Okay, I had to chime in here. At my house in downtown of my small town I run an open AP, which I am on right now, my laptop connects automatically to the first AP it see's. I don't care if people use my bandwith, cause I know almost all the wardrivers arround my area, and they are cool guys.

plus my SSID is "hot sex live XXX!!!!!!" :D just to keep the innocent away :p
 
Good discussion. Interesting topic.

On the moral, rather than legal side, consider this.

I go to my friend's house, he has wireless setup and tells me to connect to it to get out to the internet. I fire up my laptop, immediately get a good connection on my Cisco card, and am out on the internet. The next day at work I am swapping my profile from the open access to my work (LEAP) access and I notice that the last AP I was connected to is called Smith1971. I ask my friend why he named his AP that and he tells me "oh...that's my neighbors."

This did happen. I wasn't downloading kiddie pr0n, warez or mp3s, I was just browsing a site or two while he was on the phone. Am I a felon? I did no harm to his network, I didn't try to break into his AP or any shares. HIS ACCESS POINT OFFERED MY NIC A CONNECTION. I think that is a fairly large statement to make. By broadcasting the ssid, his AP is out there shouting out connection offers.

Which then leads to my opinon of the legal side, I don't feel that this should be illegal. If you are going to put infrastructure in place that could be taken advantage of, then you had best be damn sure that it is secured. You are responsible for your own ap. Just because I can connect to it doesn't mean you are absolved of any responsibility. The burden of responsibility lies on the person who purchased and installed the AP, not on the guy who is connecting.
 
TrueBuckeye said:
Good discussion. Interesting topic.

On the moral, rather than legal side, consider this.

I go to my friend's house, he has wireless setup and tells me to connect to it to get out to the internet. I fire up my laptop, immediately get a good connection on my Cisco card, and am out on the internet. The next day at work I am swapping my profile from the open access to my work (LEAP) access and I notice that the last AP I was connected to is called Smith1971. I ask my friend why he named his AP that and he tells me "oh...that's my neighbors."

This did happen. I wasn't downloading kiddie pr0n, warez or mp3s, I was just browsing a site or two while he was on the phone. Am I a felon? I did no harm to his network, I didn't try to break into his AP or any shares. HIS ACCESS POINT OFFERED MY NIC A CONNECTION. I think that is a fairly large statement to make. By broadcasting the ssid, his AP is out there shouting out connection offers.

Which then leads to my opinon of the legal side, I don't feel that this should be illegal. If you are going to put infrastructure in place that could be taken advantage of, then you had best be damn sure that it is secured. You are responsible for your own ap. Just because I can connect to it doesn't mean you are absolved of any responsibility. The burden of responsibility lies on the person who purchased and installed the AP, not on the guy who is connecting.

Understood. But if you continue to use it now knowing that it wasn't your friend... its wrong. And an updated XP now no longer will just hop on to unsecured connections, you have to tell it to. So there are a few variables to the equation, with the one common thing among them being if you are intentionally using someone elses AP without permission, you are wrong/illegal/a bastard (see my post in other thread). That concept works for many things in life. If you make a mistake because you didn't know, big deal. If you continue to use something that doesn't belong to you without the owners permission, especially if you think you have a right to, you are a dishonest person (I know, we are talking the nicest form of dishonesty here). Its really quite cut and dry.
 
OldPueblo said:
Understood. But if you continue to use it now knowing that it wasn't your friend...

And this is where we're faced with the conundrum. If he's GIVING out free wireless access who's to say its right or wrong to use it? Morality is a personal issue and should not be confused with technical ability or lawful obligation. Is it "wrong" to use it if you know its not yours? That's entirely up to personal preference. Are you legally absolved if you do? That's another question entirely and is exactly why this thread was created. For some reason people seem to lump these two issues in the same box, further confusing the matters at hand.

Just to play devils advocate, consider the following situation: You're walking through town and find you've got access while walking down the street. Would you feel wrong if you used the connection? Why? In my little scenario you come to find out after the fact that it was given to you by the city. Now how do you feel now about not using it? Silly for not taking advantage of the town's generosity? Morally justified because using free WiFi is "teh bad"? Why one over the other? I know this goes against my previous paragraph about not confusing legalities by debating morality, but I'm trying to make a point.
 
I think its a good point, but I don't think its quite that grey. Its one of those perception creates reality things, or understandable but not excuseable. A stupid user is going to buy the AP and plug it in without realizing how open they are. If they did, they would probably take steps. They aren't GIVING it, they are ignorant. The vast number of people not locking themselves down tells me that maybe the manufacturers need to put huge red pieces of paper in the boxes saying something like "You are in danger if not configured properly. RTFM!" They don't realize the danger/consequences. They might see something like "Login here to configure your router" but they they might also see "This should work right out of the box at default settings" and wonder why they need to configure it. I should clarify myself a bit. I don't take issue with hopping on and useing someones wireless in a pinch. Or for a quick whatever. I take issue (and no this isn't a crusade of mine :p ) with people thinking its their right or that it is perfectly legal, etc. Like copying your buddies tape back in the day. Everyone did it, no one really cared, but we all knew on a lower level that we were "stealing." I don't think morality is a personal issue, I think its a higher issue then that. But I won't bring religion into this. :) I could bump it a bit higher though and say morality can be tied to society, as in if the majority of society think using someone elses property without permission is wrong, then it is. I think this reaches that "morality tier" at least. So to sum up, use it if you have to but be aware that you shouldn't be so that you don't abuse it. If you want to be a boy/girl scout, let them know, especially since if they get...uh..."wardrived" (sp?) you might get "wardrived" too being on their network! (sorry, the word is growing on me) And to put the final nail in, as dumb and absurd as it sounds, think it likely that terrorists might utilize unsecured APs to communicate with each other, coordinate crap, etc? If you don't help people lock down APs you are supporting terrorism and are partly responsible for 9/11!!! (okay I'm joking...)
 
How about this point of view? (Sorta matches with what BobSutan just posted, I type too slow)

If you install a wireless access point, and don't do anything to secure it, then you are giving permission to anyone to use it. Every access point comes with specific instructions on how to keep things at least somewhat secure, but if do none of these, the you are actively making a choice to give anyone access to your network. If anyone is breaking the rules, it's probably you for violating the TOS with your ISP.

*Stupid hypothetical ahead*
What if I got home from work one day, and noticed that my neighboor ran an ethernet cable from my house to his. Barring any TOS violations from his ISP, is it illegal for me to use it? He didn't tell me I could use it, but the cable is there, so I'm assuming he is OK with it. How is this any different from his wireless AP signalling my PC and telling it to go ahead and connect, no passkey or specific MAC ID required?
*End stupid hypothetical*

Note: The above isn't really my point of view, I just like to toss out different ideas all the time, especially when most people don't agree with them. :)
 
If your neighbor doesn't lock his doors, and his fridge is open and full of beer, is it ok for you to walk in and take his beer without his permission?

It's more like your neighbor set up a bunch of beers in a big radius around his house. Some extended into public property, some even into your yard! Is it legal to drink the beer now? I don't know, I would think so. You'd have an argument in court, anyway.

That's still not totally paralleled, but it's a closer analogy. I did find intruiging the argument that a broadcasting AP is essentially advertising (even inviting) open access to the network it serves.

- Eric
 
Ericular said:
If your neighbor doesn't lock his doors, and his fridge is open and full of beer, is it ok for you to walk in and take his beer without his permission?

It's more like your neighbor set up a bunch of beers in a big radius around his house. Some extended into public property, some even into your yard! Is it legal to drink the beer now? I don't know, I would think so. You'd have an argument in court, anyway.

That's still not totally paralleled, but it's a closer analogy. I did find intruiging the argument that a broadcasting AP is essentially advertising (even inviting) open access to the network it serves.

- Eric

Yeah but maybe the same could be said about peoples cable/phone lines being on the outside of their house "inviting" you to tap in. And the wireless signal waves may bleed out past their property line, but when you connect you are connecting to the AP in their house. Therefore you are physically using a device in their house. If you could somehow tap into someones cable line without stepping on their property, is that the same thing? No big deal, perfectly kosher, etc? Come on, we all know the answer to this one, we would just like to get around it because hey....free wireless!
 
I see where you're coming from too -- I'm the kind of person that would let the neighbor know about it so they can secure it.

Honestly, it's more fun to discuss the legal and ethical issues surrounding your neighbor's open AP than it is to actually hop on and use it. Especially when you've got your own, am I right? I don't have any neighbors broadcasting so I wouldn't know. I mean most people with a laptop and wireless ability didn't purchase them in hopes the neighbor would someday set up an open AP. :)
 
Back
Top