SMS <scharf.steven@geemail.com> wrote:
>Alex Heney wrote:
>
>"A closed wireless network does not broadcast the SSID,
>requiring users to know the SSID to access the network."
Cite please! That is technically incorrect.
All the broadcast does is make the SSID available at short,
regular, intervals. The idea is that a *short* site survey scan
(short because when an AP does that it must disconnect from all
clients, switch to Client Mode, make the scan, and then return
to AP Mode) will be able to spot all other networks (without
excessive interuption of AP mode).
The purpose is *not* to allow connections to networks, but to
allow networks to be aware of others using the frequency
spectrum assigned to wireless; and thus making it possible for
networks to avoid interfering with each other.
As far as users knowing what the SSID is, any network that is
being used is making its SSID available with every single packet
sent, regardless of enabling or disabling SSID broadcasting.
--
Floyd L. Davidson <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska) floyd@apaflo.com
> A *lot* of people don't lock their doors. I lived in a house
> for 20 years that didn't even *have* a lock on the door.
Whether you lock your door or not is immaterial. There is no expectation
that anyone is opening their house to anyone that wants to come in,
because no one does this. With wireless it is exactly the opposite.
Microsoft got it right with their 'Wireless Network Connection Status' box:
"Unsecured wireless network
This network is configured for open access."
Now you may argue that it was the router manufacturer, not the end user,
that configured it for open access, but that is no excuse.
>>businesses, intentionally leave access to their wireless network
>>open to anyone, with the express intention that anyone that
>>wants to use it, may use it.
>
> And if you *know* that it is intended to be available for your
> use, then clearly you can legally use it.
Sorry, that's not the way it works. If it is not intended to be
available then it would not be configured for open access. There is the
principle of unreasonableness, which the courts do recognize. It would
be unreasonable for the end user to know which open access networks are
intended for open access, and which are not. For example, I pick up
eight wireless networks from my house, including my own. Three are
secure, including my own. Two clearly appear to be intentionally open,
based on the SSID, though there is no one to check with as to whether or
not they really are open. Three have names like "Netgear," "default," or
"Linksys," which may or may not be intentionally open. There is no way
for the end user to determine which open access networks are really
intended to be open access. If it ever went to court.
The idea that just
> because you can physically gain access implies permission is
> ridiculous at best, and at worst it approaches perversion to
> tell impressionable people that they have the right to invade
> someone else's property just because they can! If, because of
> your encouragement, even one person's network and privacy are
> invaded, that is bad. But it would be a horrible tragedy if
> someone you encourage ends up being convicted of a crime and
> spends time in jail...
On Tue, 02 Aug 2005 23:20:23 +0100, Roderick Stewart
<rjfs@escapetime.nospam.plus.com> wrote:
>In article <t64ve1dincun8ejos60plc39hd9cna0d37@4ax.com>, Paul Harper
>wrote:
>> >No there isn't. The SSID is simply an identification, not an
>> >invitation.
>>
>> That is an opinion, not a legal ruling.
>
>It may not have legal standing, but it's more than an "opinion".
>
>What do the letters "SSID" stand for?
>
>Does the expression imply anything to do with an offer, or permission?
What's that got to do with the price of cheese when you're
broadcasting into the public domain?
Paul.
--
.. A .sig is all well and good, but it's no substitute for a personality
.. Humour is very subjective. One man's light-hearted comment is another's insult.
.. Is there a moron carrot above? Have you replied to it? Are you sure?
.. EMail: Unless invited to, don't. Your message is likely to be automatically deleted.
On Tue, 02 Aug 2005 19:21:23 -0800, floyd@apaflo.com (Floyd L.
Davidson) wrote:
>There are a lot of people who get the idea that "broadcast" means
>you can do what you like with it, but the legal facts are that
>it is not true.
Cite a specific legal case, please. I'll assume you're just guessing
otherwise.
Paul.
--
.. A .sig is all well and good, but it's no substitute for a personality
.. Humour is very subjective. One man's light-hearted comment is another's insult.
.. Is there a moron carrot above? Have you replied to it? Are you sure?
.. EMail: Unless invited to, don't. Your message is likely to be automatically deleted.
Jeff Liebermann <jeffl@comix.santa-cruz.ca.us> wrote:
>On Tue, 02 Aug 2005 15:51:20 +0100, Roderick Stewart
><rjfs@escapetime.nospam.plus.com> wrote:
>
>>No there isn't. The SSID is simply an identification, not an
>>invitation. The registration plate on your car isn't an invitation for
>>somebody to drive it away, is it?
>
>Need an invitation? What could be more inviting than "Please Login:".
>It asked me to login, so I did.
In fact that *is* legally considered an invitation! Back about
15 years ago the fact that many systems (UNIX, for example, and
I think VMS too) had such invitations by default became
apparent, and it scared more "non-aware" managers half to death
than you can shake a stick at! The "Please Login" messages got
changed to absolutely hilarious (ever see the warning at the
bottom of any email that every attorney ever sends, they were
commonly twice as verbose) warning about prohibited access being
punishable by law, and citing specific statutes etc etc.
Followed by "Login:", absent the "Please"!
>The Florida law that makes "unauthorized" network access a felony
>requires that the user get "permission" from network owner. I realize
>that the UK might be different, but methinks that the legality hangs
>on this point.
Let me clip out, and add some emphasis to what you *said*:
>That leaves the question of what
>constitutes permission. Some document signed by the network owner
>would be nice, but rather impractical. Some kind of relationship
>(business, personal, tenant) might also imply permission. No easy
>answer for what constitutes permission.
Yeah... just ask Randal Schwartz, who went to jail because he
and HP had a very different opinion of what constitutes implied
permission.
--
Floyd L. Davidson <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska) floyd@apaflo.com
> That is indeed a complication. But what the computer does
> automatically is not an indication of the user's intent, legal
> or otherwise.
That is the main point in this discussion which I disagree with. I
believe that the owner should be responsible for the correct
operation of his equipment (computer or otherwise) and for correctly
setting it up or configuring it. Therefore, barring case of
malfunction (in which case the owner should get it fixed), the
operation of automatic equipment *is* an indication of the owner/user'
intent.
On Tue, 02 Aug 2005 21:31:24 -0800, floyd@apaflo.com (Floyd L.
Davidson) wrote:
>Yeah... just ask Randal Schwartz, who went to jail because he
>and HP had a very different opinion of what constitutes implied
>permission.
It was at Intel Supercomputer Systems Division in Oregon, not HP. http://www.lightlink.com/spacenka/fors/
It was more than just an interpretation of permission. He twice ran a
password cracker on password files downloaded from an SSD computer
which he was no long suppose to have access. That's a bit more than
casual access or assisting in improving security. I think the appeals
court decision has the best summary of the circumstances: http://www.publications.ojd.state.or.us/A91702.htm
On Wed, 03 Aug 2005 02:39:30 GMT, SMS in message
<news:C7WHe.7116$p%3.33961@typhoon.sonic.net> wrote:
> Agent777 wrote:
>> Excuse me for butting in but what do you think about some stores that
>> leave bags of mulch, bricks or other supplies outside overnight. I
>> suppose one could say they are offering it to anyone who would care to
>> help themselves.
>
> Yet another bad analogy. There is no expectation that any store would
> give away its products for free, but many businesses and individuals
> intentionally allow free use of their wireless networks. The ones that
> decide not to allow free access simply secure their networks.
>
> If some other posters here are correct, free wireless is not common in
> some countries, but in the U.S. it is very widespread.
I suspect that is *most* countries.
I believe North America is quite unusual if "free" wireless access is as
widespread as you say it is.
Whether your model will spread, or whether it will become more restricted
in the US & Canada, remains to be seen.
> So widespread in
> fact, that some cable companies and phone companies are trying to get
> laws passed that restrict it because they are justifiably worried that
> free access will result in less subscriptions.
I'm surprised they can't restrict it by contract, if they are concerned.
The ISPs providing connectivity could easily include contract terms
forbidding their customers from offering unrestricted access.
Unless your anti-trust laws would prevent that?
--
Alex Heney
Global Villager
"Fascinating," said Spock, watching Kirk's lousy acting.
To reply by email, my address is alexATheneyDOTPLUSDOTcom
On Wed, 03 Aug 2005 06:09:44 +0100, Paul Harper in message
<news:jbk0f1hair1upk5b5vtgl1uafhbm1bu5kt@4ax.com > wrote:
> On Tue, 02 Aug 2005 23:20:23 +0100, Roderick Stewart
> <rjfs@escapetime.nospam.plus.com> wrote:
>
>>In article <t64ve1dincun8ejos60plc39hd9cna0d37@4ax.com>, Paul Harper
>>wrote:
>>> >No there isn't. The SSID is simply an identification, not an
>>> >invitation.
>>>
>>> That is an opinion, not a legal ruling.
>>
>>It may not have legal standing, but it's more than an "opinion".
>>
>>What do the letters "SSID" stand for?
>>
>>Does the expression imply anything to do with an offer, or permission?
>
> What's that got to do with the price of cheese when you're
> broadcasting into the public domain?
>
The simple fact that your SSID is publicly visible does NOT mean that it is
an offer to use it for free, nor does it give permission to do so.
--
Alex Heney
Global Villager
If it works, tear it apart and find out why!
To reply by email, my address is alexATheneyDOTPLUSDOTcom
On Wed, 03 Aug 2005 03:23:20 GMT, Jeff Liebermann in message
<news:5b60f1pkq7ea1rht16fjne86s4s9nr7hn0@4ax.com > wrote:
> On Tue, 02 Aug 2005 15:51:20 +0100, Roderick Stewart
> <rjfs@escapetime.nospam.plus.com> wrote:
>
>>No there isn't. The SSID is simply an identification, not an
>>invitation. The registration plate on your car isn't an invitation for
>>somebody to drive it away, is it?
>
> Need an invitation? What could be more inviting than "Please Login:".
> It asked me to login, so I did.
>
> The Florida law that makes "unauthorized" network access a felony
> requires that the user get "permission" from network owner. I realize
> that the UK might be different, but methinks that the legality hangs
> on this point. If you have permission, it's legal.
Yep. That is more or less the same in the UK.
>Without
> permission, it's criminal. That leaves the question of what
> constitutes permission. Some document signed by the network owner
> would be nice, but rather impractical. Some kind of relationship
> (business, personal, tenant) might also imply permission. No easy
> answer for what constitutes permission.
But the point is that permission cannot just be assumed. There has to be
something (more than just the presence of an open router) to indicate that
permission has been deliberately granted.
--
Alex Heney
Global Villager
Windows NT: The world's only 80 megabyte Solitaire game!
To reply by email, my address is alexATheneyDOTPLUSDOTcom
On Wed, 03 Aug 2005 04:23:51 GMT, SMS in message
<news:rFXHe.7124$p%3.34047@typhoon.sonic.net> wrote:
> Floyd L. Davidson wrote:
>
>> A *lot* of people don't lock their doors. I lived in a house
>> for 20 years that didn't even *have* a lock on the door.
>
> Whether you lock your door or not is immaterial. There is no expectation
> that anyone is opening their house to anyone that wants to come in,
> because no one does this. With wireless it is exactly the opposite.
>
That is simply untrue.
I would bet there are a higher proportion of properties where there is an
implied right to enter (every shop, museum or similar) than there are
deliberately open wireless networks.
> Microsoft got it right with their 'Wireless Network Connection Status' box:
>
> "Unsecured wireless network
> This network is configured for open access."
>
No they didn't.
That statement makes an implication that is simply untrue.
This is not unusual for Microsoft.
> Now you may argue that it was the router manufacturer, not the end user,
> that configured it for open access, but that is no excuse.
>
The fact that it is configured that way is no excuse for *assuming* it is
deliberate.
Particularly if the value is still that of a router manufacturer (which is
what most are set to by default).
>>>businesses, intentionally leave access to their wireless network
>>>open to anyone, with the express intention that anyone that
>>>wants to use it, may use it.
>>
>> And if you *know* that it is intended to be available for your
>> use, then clearly you can legally use it.
>
> Sorry, that's not the way it works.
You are wrong. That *is* the way it works.
> If it is not intended to be
> available then it would not be configured for open access.
That can VERY easily be shown to be false. I would expect that well in
excess of 90% of networks "configured" for open access have not been
actively configured at all, but just left to default values.
And a simple demonstration of that fact in court would almost certainly be
sufficient for the court to accept that it should NOT be assumed from the
fact that a network is open, that it is *intended* to be used for free
public access.
>There is the
> principle of unreasonableness, which the courts do recognize. It would
> be unreasonable for the end user to know which open access networks are
> intended for open access, and which are not. For example, I pick up
> eight wireless networks from my house, including my own. Three are
> secure, including my own. Two clearly appear to be intentionally open,
> based on the SSID, though there is no one to check with as to whether or
> not they really are open. Three have names like "Netgear," "default," or
> "Linksys," which may or may not be intentionally open. There is no way
> for the end user to determine which open access networks are really
> intended to be open access. If it ever went to court.
>
The last three are almost certainly not intended to be open access, and I
am quite suer that the "reasonableness" test you talk of would show that.
I might just be able to accept that if deliberately free access is as
widespread in the US as you claim, then one with a changed SSID that is not
using encryption or blocking the SSID, has *probably* been left open by
deliberate decision.
One still using factory default settings almost certainly is not a
deliberate decision at all.
--
Alex Heney
Global Villager
That must be wonderful! I don't understand it at all.
To reply by email, my address is alexATheneyDOTPLUSDOTcom
scharf.steven@gmail.com wrote:
>
>"SSID is set by a network administrator and for open wireless networks,
>the SSID is broadcast to all wireless devices within range of the
>network access point."
>
>This is precisely the point. If the SSID is broadcast, then it's an
>open wireless network. If the network is not intended for open access
I have no idea what you are quoting, but that is precisely
bullshit. Whoever wrote it didn't have a clue.
Sounds like Microsoft documentation... ???
--
Floyd L. Davidson <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska) floyd@apaflo.com
Jeff Liebermann <jeffl@comix.santa-cruz.ca.us> wrote:
>On Tue, 02 Aug 2005 21:31:24 -0800, floyd@apaflo.com (Floyd L.
>Davidson) wrote:
>
>>Yeah... just ask Randal Schwartz, who went to jail because he
>>and HP had a very different opinion of what constitutes implied
>>permission.
>
>It was at Intel Supercomputer Systems Division in Oregon, not HP.
> http://www.lightlink.com/spacenka/fors/
Opps, yes, it was Intel. Not HP. (I just think of HP when I think
of Oregon...)
>It was more than just an interpretation of permission. He twice ran a
>password cracker on password files downloaded from an SSD computer
>which he was no long suppose to have access. That's a bit more than
>casual access or assisting in improving security. I think the appeals
>court decision has the best summary of the circumstances:
> http://www.publications.ojd.state.or.us/A91702.htm
But that supports exactly what I'm saying. Schwartz didn't view
what he was doing as a security intrusion, so much as doing his
employer a favor by demonstrating that there were problems which
he alone seemed to recognize. I'm not saying what he did was
smart, I'm just saying he didn't think he was really breaking
the law. He thought he was getting around a couple of hard to
deal with Pointy Haired Bosses. He was probably right to at
least some degree, and greatly wrong to a much greater degree.
Frankly, I thought, then and now, that criminal prosecution was
ridiculous, and lends weight to the PHB concept.
On the other hand, having had PHB's try to start exactly that
kind of investigation of *me* on at least two occasions that I
know of during the time period when that was a typical reaction
to anyone in a telephone office who understood computers, I
can't describe how stupid I think it is to not recognize the
potential danger. And of course the appropriate response to
that danger is to keep ones nose so polished clean that such
investigations turn out embarrassing for the person who
instigates them. (I ended up with battle scars; they ended up
bleeding to death!)
--
Floyd L. Davidson <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska) floyd@apaflo.com
On Tue, 02 Aug 2005 20:39:44 +0100, Phil Thompson
<phil.thompson@spamcop.net> wrote:
>On Tue, 02 Aug 2005 18:24:04 +0100, Cynic <cynic_999@yahoo.co.uk>
>wrote:
>
>>And *if* the user can discover the Internet IP address that the
>>wireless network is using - which is not at all straightforward.
>
>http://www.showmyip.com/
>
>real tough that. Then there's all those security scanner sites.
Ask an average home PC user whether s/he knows about such sites. I
would be surprised if as many as 1 in 20 answer in the affirmative,
and I suspect that a great many have no idea what anP address *is*.
On Tue, 02 Aug 2005 11:52:13 -0400, Mike Ross <mike@corestore.org>
wrote:
>On Tue, 02 Aug 2005 14:22:21 +0100, Phil Thompson
><phil.thompson@spamcop.net> wrote:
>
>>On Tue, 02 Aug 2005 12:30:34 GMT, SMS <scharf.steven@geemail.com>
>>wrote:
>>
>>>Of course there is really no way to find the owner of a wireless network.
>>
>>debatable, often you could find the IP address and hence get to the
>>owner via ISP etc.
>
>Yes, *if* the ISP is able to map an IP address to a specific customer.
>Not all do this.
>
They all do, they have to.
With dynamic IP they keep logs of who is using a particular IP at any
time.
IME my dynamic IP hasn't changed in 3 years it's just that it's not
*guaranteed* to be unchanged so I'd be unwise to publish it. I'd have
to pay a bit extra for that.
>This is precisely the point. If the SSID is broadcast, then it's an
>open wireless network.
not really, the SSID could be broadcast (as in a local community LAN
near me) and it then use a variety of security measures including
encryption, MAC authentication, forced intro pages etc.
The presence of an SSID to faciltate location does not imply it is
open to all to access.
Phil
--
Remember - Global Warming is only a weather forecast :-)
On Tue, 02 Aug 2005 23:13:41 GMT, SMS <scharf.steven@geemail.com>
wrote:
>they still have CPP, which by all
>accounts results in tariffs that are about 2x what they are in the U.S..
and near 100% coverage and much higher market penetration, so maybe
its not all bad. The mobile phone tariffs paid by users are pretty
similar in cost, as its the landline caller that gets to pay the
premium for the calls.
Phil
--
Remember - Global Warming is only a weather forecast :-)
On Wed, 03 Aug 2005 06:11:42 +0100, Paul Harper <paul@harper.net>
wrote:
>Cite a specific legal case, please. I'll assume you're just guessing
>otherwise.
in the UK it is an offence to receive broadcast TV signals without a
licence, so there's one example where broadcast doesn't mean anyone
can use it for free with impunity http://www.tvlicensing.co.uk/informa...dpenalties.jsp
Phil
--
Remember - Global Warming is only a weather forecast :-)
On Wed, 03 Aug 2005 11:20:08 +0100, Cynic <cynic_999@yahoo.co.uk>
wrote:
>Ask an average home PC user whether s/he knows about such sites. I
>would be surprised if as many as 1 in 20 answer in the affirmative,
typing "IP address" into Google is within most peoples reach
>and I suspect that a great many have no idea what anP address *is*.
people seem fairly conversant with static and dynamic IP addresses
from ISP web sites etc, anyways even if they don't that is irrelevant
to your point that its really difficult to find the IP address of the
wireless network you are leeching off - its trivial.
Phil
--
Remember - Global Warming is only a weather forecast :-)
Derek ^ <usenet@miniac.demon.co.uk> wrote:
>>Yes, *if* the ISP is able to map an IP address to a specific customer.
>>Not all do this.
>
>They all do, they have to.
>
>With dynamic IP they keep logs of who is using a particular IP at any
>time.
Last time I knew (it's been awhile), they all did keep logs.
However, for privacy reasons those logs are *not* shared with
just anyone. Law enforcement and any legitimate business
reason, but never just because someone wants to know who it was
that did it...
>IME my dynamic IP hasn't changed in 3 years it's just that it's not
>*guaranteed* to be unchanged so I'd be unwise to publish it. I'd have
>to pay a bit extra for that.
Of course even if it did change, you can get a domain name and
DNS service that will update within seconds of being notified of
a change.
Do a ping to my domain name, and my web site (listed in my
signature below) now, and then do it again tomorrow. One will
probably change, the other won't.
For a while longer my connection is a dialup v.90 modem that
gets disconnected every 8 hours. It often gets the same IP
address if dialed back immediately, but most of the time my
IP address changes at least a couple times a day. The www
and mail hosts are both directed at other hosts.
--
Floyd L. Davidson <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska) floyd@apaflo.com
> >Yes, *if* the ISP is able to map an IP address to a specific customer.
> >Not all do this.
>
> They all do, they have to.
>
> With dynamic IP they keep logs of who is using a particular IP at any
> time.
Actually, not all ISPs can map an IP address to a customer. They can
usually do so for broadband connections and can usually do so with
contracted customers. But ISPs that offer a "pay-as-you-go" dialup
service may only, at best, be able to link an IP address with a
telephone number. If that number is an unregistered mobile phone, the
user of the IP address could be anyone.
It's probably not very practical to run a WiFi service through a mobile
phone but it's tecnically possible.
Another interesting scenario (from a technical point of view) would be
to connect a WiFi service via a VPN to one of the ten million or so
compromised Windows PCs scattered throughout the world, via a few port
forwarders for added security. Now that would be totally untraceable
and trivial to set up by anyone with the appropriate expertise.
Phil Thompson wrote:
> On Wed, 3 Aug 2005 08:51:58 +0100, Alex Heney <me8@privacy.net> wrote:
>
>
>>I believe North America is quite unusual if "free" wireless access is as
>>widespread as you say it is.
>
>
> I always seem to end up at a web page wanting to get to know my credit
> card.
>
> Phil
There are whole towns with free Wi-Fi, something that has terrified the
DSL and Cable companies. You already have red states enacting laws
prohibiting municipal WiFi, i.e., see:
"http://www.wi-fiplanet.com/news/article.php/3515206"
The cable companies and phone companies are big campaign contributors to
Republicans, so they are able to get these laws passed.
However what they can't stop, are businesses and individuals from
providing free WiFi. There are probably about 25 places in my relatively
small city where I can get free WiFi, including a public park 1/2 km
from my house, and a cafe 1/4 km from my house. It's the exception,
rather than the rule, for a cafe to have paid WiFi. Starbucks has
T-Mobile hot spots, but sometimes you can get free Wi-Fi even at Starbucks.
On Wed, 03 Aug 2005 11:41:06 +0100, Derek ^
<usenet@miniac.demon.co.uk> wrote:
>On Tue, 02 Aug 2005 11:52:13 -0400, Mike Ross <mike@corestore.org>
>wrote:
>
>>On Tue, 02 Aug 2005 14:22:21 +0100, Phil Thompson
>><phil.thompson@spamcop.net> wrote:
>>
>>>On Tue, 02 Aug 2005 12:30:34 GMT, SMS <scharf.steven@geemail.com>
>>>wrote:
>>>
>>>>Of course there is really no way to find the owner of a wireless network.
>>>
>>>debatable, often you could find the IP address and hence get to the
>>>owner via ISP etc.
>>
>>Yes, *if* the ISP is able to map an IP address to a specific customer.
>>Not all do this.
>>
>
>They all do
No they don't.
> they have to.
No they don't. Who says they have to?
My ISP doesn't - they specifically configure their routers so that's
it's not possible to associate a specific IP address with a specific
customer. See:
On Wed, 03 Aug 2005 03:05:11 -0800, floyd@apaflo.com (Floyd L.
Davidson) wrote:
>Derek ^ <usenet@miniac.demon.co.uk> wrote:
>>>Yes, *if* the ISP is able to map an IP address to a specific customer.
>>>Not all do this.
>>
>>They all do, they have to.
>>
>>With dynamic IP they keep logs of who is using a particular IP at any
>>time.
>
>Last time I knew (it's been awhile), they all did keep logs.
>
>However, for privacy reasons those logs are *not* shared with
>just anyone. Law enforcement and any legitimate business
>reason, but never just because someone wants to know who it was
>that did it...
Well yes they can keep logs, but they don't have to contain
information that could identify the customer. Some ISPs place a
certain value on privacy, mine for instance:
> I would bet there are a higher proportion of properties where there is an
> implied right to enter (every shop, museum or similar) than there are
> deliberately open wireless networks.
You are changing the subject from homes to public properties, in a
desperate attempt to prove your point. It will not work. You cannot
compare shops, or other publicly accessible properties, to private homes.
Dvorak got it right, the unlocked house analogy is a dopey analogy,
which does not apply, even though his water analogy is also not very good.
At least in the U.S., any analogy needs to address the fact that many
individuals and businesses intentionally leave their networks open to
use by others, even when they do not explicitly broadcast their
availability. The wide availability of free wireless means that if a
business wants to charge for wireless, or if an individual or business
does not want others using their connection, that they should use one of
the several security methods available on their router.
If you want to find a proper analogy, find a service that meets the
following criteria:
1. The service is very often intentionally provided for free by
businesses, and municipalities,
2, The service is very often intentionally provided for free by individuals,
3. Some businesses charge for the service,
4. Some individuals and businesses don't want others to use the service
so they prevent others from using the it, with security that costs them
nothing to implement,
5. Some individuals and businesses don't care if anyone uses the
service, but that don't encourage the use either; they take no steps to
prevent the use by others, but neither do not advertise the availability
of it,
6. Some individuals and businesses don't want anyone else to use the
service, but they are too lazy or dumb to take steps to prevent the use
by other,
7. The user of the service has no reasonable way of determining whether
free providers of the service are doing it intentionally, or doing it
because they are lazy or dumb.
You have to look at the big picture here. Since the most popular OS will
automatically associate with an open network, whether it is legal or
not, it is the responsibility of the network owner to prevent this from
occuring if they don't want it to occur.
You should not use a wireless network that the owner does not want you
to use. But given the reality of how WiFi works, the network owner has
to take some personal responsibility as well.
In article <87slxr4sek.fld@barrow.com>, Floyd L. Davidson wrote:
> There are a lot of people who get the idea that "broadcast" means
> you can do what you like with it, but the legal facts are that
> it is not true.
Exactly. This even applies to radio and television broadcasts, which
are only offered to the public under specific terms and conditions for
specific purposes. They are *not* public property, and you may *not* do
what you like with them.
In article <5b60f1pkq7ea1rht16fjne86s4s9nr7hn0@4ax.com>, Jeff Liebermann
wrote:
> The Florida law that makes "unauthorized" network access a felony
> requires that the user get "permission" from network owner. I realize
> that the UK might be different, but methinks that the legality hangs
> on this point. If you have permission, it's legal. Without
> permission, it's criminal. That leaves the question of what
> constitutes permission. Some document signed by the network owner
> would be nice, but rather impractical. Some kind of relationship
> (business, personal, tenant) might also imply permission. No easy
> answer for what constitutes permission.
Permission is the key point wherever you are. *People* can give
permission. Non-sentient artefacts cannot. They can only do what they have
been set up to do.
Most of the equipment we are talking about here is factory set to transmit
its manufacturer's name as an identifier, and to allow anybody to make
contact, and it's probably safe to assume that most of the people who buy
it don't know this. Therefore a manufacturer's name on an unsecured
network almost certainly means that it belongs to somebody who does not
know that they are vulnerable. Their ignorance is *not* the same as their
permission for you to help yourself. Anyone who wants to indicate their
permission for anyone to use their network can quite easily change their
broadcast SSID to something that makes this clear.
Re: Hijacking a broadband connection 
Linear Mode
