Bill Knight wrote:
> One thing I did not see mentioned is that it is illegal to access another
> person's router/access point without there permission. I cannot find my
> link I had, but it is considered a federal offense. Not saying I do not
> partake in this, but be careful you do not access the wrong person's AP and
> get into a heap of trouble. Check out www.wardriving.com and check out some
> the stories there. Also check www.michiganwireless.com .
Yup, that's definitely the case. It is not, however, against any law to
"wardrive" (i.e. just detect networks and their status). As far as I
know, it is also not illegal to monitor networks (i.e. running a card in
RF monitor mode and looking at the packets that it picks up, so long as
you are not breaking anyone else's encryption). I can't see any way for
that to be illegal, because I actually use tools that do that for
legitimate purposes at work. They are also frequently used on college
campuses and even in offices to make sure that
students/residents/employees are not running any "rogue" access points
that violate the company's network policy.
Obviously, though, the biggest mistake you could make would be sending
personally identifiable information over someone else's link. I suspect
it would also be difficult for them to prove in court that you did not
"accidentally" enroll in someone else's access point if it was
configured with all of the defaults that might have matched your own
network. (i.e. if my neighbor has a Linksys access point, configured
with factory defaults [ssid linksys, no encryption, no filtering] and I
also have a device with the same configuration, I would have no easy way
of telling which network is mine and which is my neighbor's, and I may
inadvertently use his network connection. In fact, that would happen if
I had an AP in default configuration at my house, which of course I don't.
On the other hand, if someone has taken *any* steps to make sure people
don't stumble onto their network (I'm thinking along the lines of
something as simple as changing the ssid), it would be much easier to
prove in court.
Of course, they would also have to be able to identify you (not easy if
you are not sending any personal data over the connection) and then
trace (wirelessly, mind you) the signal back to your location. This
would be easy for the FCC or a tech-savvy individual to do, but not so
easy for the average dummy who has an insecure access point. I highly
doubt that the FCC has the time, resources, or inclination to respond to
complaints people have about someone else latching onto their AP. I
suspect their first response would be to tell the people to secure their
network. I know there have been some cases -- and I suspect that they
were primarily intended to make examples out of a small number of people
to discourage a larger number of people (like the whole music sharing
thing).
-Bill
This archive was generated by hypermail 2b29 : Sat Jan 01 2005 - 11:48:08 EST