Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Finland To Legalize Use of Unsecured Wi-Fi

Soulskill posted more than 4 years ago | from the it-turns-out-not-to-be-a-swedish-trap dept.

Wireless Networking 151

Apotekaren writes "The Finnish Ministry of Justice has started preparing changes to a current law that criminalizes using unsecured wireless hot spots (Google translation; Finnish original). The reasoning includes the impossibility of tracking unlawful use, the ease of securing networks, and the lack of real damage done by this activity. It is also hard for a user to know if an unsecured network is intended for public use or not. The increased ubiquity of legal, open networks in parks, airports, and other public places has also influenced this move by the Ministry of Justice."

cancel ×

151 comments

Sorry! There are no comments related to the filter you selected.

There's got to be a better way... (4, Interesting)

LostCluster (625375) | more than 4 years ago | (#32539882)

We need a standard for secure WiFi that allows guests in, most likely by giving them a personal shared key on their receipt or ticket. The big problem with unsecured WiFi is that there's no accountability. Some video-downloading hog can take all the bandwidth, and trying to use anything on 2.4 GHz during a Apple or Google developer conference presentation is near impossible. WiFi was a good first take, but we've got to work QoS and authentication in just like we have for wired just for safety's sake. Otherwise, these laws banning open WiFi actually make sense.

Re:There's got to be a better way... (2, Insightful)

Tiger4 (840741) | more than 4 years ago | (#32540046)

If the protocol automatically left a token on the host machine, it would then be up to the host to decide if she cared or not about who had been visiting. Of course that would just lead to some kind of spoofing behavior.

Or we could get the vendors to just have security ON by default. Or even have the OFF setting have a timeout, so it defaults back to ON after a few hours/days. Then when the owners turn it off, they can't claim they didn't know what it meant.

Re:There's got to be a better way... (5, Insightful)

fotbr (855184) | more than 4 years ago | (#32540070)

Sounds like you don't need laws, you need more bandwidth.

Re:There's got to be a better way... (3, Funny)

laejoh (648921) | more than 4 years ago | (#32540706)

That's one t-shirt that won't get any RIAA approuval!

Re:We have the bandwidth (1, Interesting)

Anonymous Coward | more than 4 years ago | (#32541576)

I'm paying 45 euros/month for a 110Mb line (yes, actual speed) here in Helsinki. So bandwidth wouldn't be a problem. OTOH, what might become interesting might be the operator agreements, wouldn't the operators want to stop people from sharing their connection? And how is anyone ever going to be able to use IP addresses as evidence anymore if you can just claim that you have an open network.

Re:We have the bandwidth (1)

MalHavoc (590724) | more than 4 years ago | (#32541742)

Cool! I will be in Helsinki in September. Can I get on your network? :)

Re:We have the bandwidth (2, Insightful)

Mr. Freeman (933986) | more than 4 years ago | (#32541974)

"And how is anyone ever going to be able to use IP addresses as evidence anymore if you can just claim that you have an open network."

I guess that you'll have to actually obtain some evidence of illegal activity then. It is not the job of laws to restrict freedom for the purpose of making it easy to sue people or catch criminals.

The price of freedom is that some criminals will run free, get used to it. It's what all of America was built on for fuck's sake. It saddens me that there's people who can't accept this fact.

Re:There's got to be a better way... (0)

Anonymous Coward | more than 4 years ago | (#32540084)

I don't know, is it that bad that the wifi is unsecured? I mean i know my comp is protected and you should protect your own computer but if having an unsecured connection is the worst thing to happen than i wouldn't be that worried. an open and free information infrastructure can only help in the long run.

Re:There's got to be a better way... (0, Troll)

Michael Kristopeit (1751814) | more than 4 years ago | (#32540190)

yeah, go buy some condoms and screw all the hookers with AIDS you can find.... YOU'RE PROTECTED!

Re:There's got to be a better way... (1)

natehoy (1608657) | more than 4 years ago | (#32540342)

an open and free information infrastructure can only help in the long run.

... until you get a bunch of people who complain loudly that no one should be allowed to use their open and free access point without permission, and try to get laws passed that (warning: bad analogy) everyone else in earshot has to cover their ears and yell "LALALALALA!" if you want to shout your credit card number onto a cell phone in a crowded train.

This law is a perfect response to the argument that no one should be allowed to access WiFi access points without the owner's express permission - it's establishing a clear permission system so the people who are asking for the protection are assured said protection.

Re:There's got to be a better way... (5, Insightful)

fluch (126140) | more than 4 years ago | (#32541236)

If the owner leaves the WiFi access point unsecured and the DHCP server gives to my the network config info needed, then I consider this as the owners permission to use his network: my computer asked if it can join the network, the DHCP server (configured by the owner) said yes, here are the details.

Re:There's got to be a better way... (-1, Troll)

LostCluster (625375) | more than 4 years ago | (#32542400)

Yep, and you're also giving everyone within your network's airspace to sniff every packet you send, and it's trivial to spoof your MAC address at which point they're on your network and identified as you... you fail.

Re:There's got to be a better way... (1)

amazeofdeath (1102843) | more than 4 years ago | (#32542478)

Exactly the point of TFA. The summary translation is not too good, but basically it's going to be: if you don't encrypt -> you are offering a free service.

Re:There's got to be a better way... (3, Interesting)

Stenchwarrior (1335051) | more than 4 years ago | (#32540198)

I agree. Where's the middle ground here? I guess making anyone who wants to use the public stuff register their MAC would be a huge pain in the arse, not to mention how easily that is spoofed. What about logging in through a proxy with user-name and password? It would have to be something that changes frequently otherwise they would be swiped by MitM attacks. Why not some sort of biometric credentialing that requires fingerprint or retina? The whole idea is to satisfy audit-tracking and accountability policies but biometrics sounds like a pain, once again.

Surely someone here has some good ideas?

Re:There's got to be a better way... (0)

Anonymous Coward | more than 4 years ago | (#32540224)

How about there be some sort of system that automatically VPNs you back to your home account while sticking your local access in a honeypot. Security for both ends.

Re:There's got to be a better way... (0)

Anonymous Coward | more than 4 years ago | (#32540280)

the ONLY solution is single use dictionaries that were physically transferred.

fingerprint and retina data, after it is digitized, is no harder for a man in the middle to spoof than anything else.

i once had to explain to my boss that having javascript alter the user's password before it was transmitted to protect against MitM was pointless... i'm still not sure he agrees.

Re:There's got to be a better way... (1)

commodore64_love (1445365) | more than 4 years ago | (#32541058)

You could just throttle all your guests to 1 Mbit/s or less.

Also: I thought the EU Parliament made it illegal to have open wifi spots?

Re:There's got to be a better way... (1)

Lord Juan (1280214) | more than 4 years ago | (#32541654)

That comment hurts, because the connection I am currently in is 1 Mbit/s, and I can't wait to go back home where I have a whooping 2Mbit/s =( (I live in Mexico)

Re:There's got to be a better way... (1)

commodore64_love (1445365) | more than 4 years ago | (#32542072)

Lucky dude. I'm only got 0.7 Mbit/s

Re:There's got to be a better way... (1)

LostCluster (625375) | more than 4 years ago | (#32542262)

Yep... there needs to be a way to make the registration easier... like a QR-style code that prints on your receipt, so we know everybody on the network is a paying customer, and meter out the bandwidth according to how much the owner cares about them. Then nobody's typing 128 bit keys, but we have the security of a frequently changing 128 bit key.

Re:There's got to be a better way... (1)

natehoy (1608657) | more than 4 years ago | (#32540200)

I agree.

No one, least of all me, likes a "nanny law" - and hoo boy is this one the daddy of all nanny laws - but if people are going to continue to expect the law to somehow work to protect them from ne'er-do-wells, this is about the best possible law that could actually work.

If we want the laws to protect people, then they need to be written so as to offer that protection. The one and only way to prevent someone from using or snooping your WLAN (short of turning it off or containing all of the signal it emits) is to encrypt all traffic on it. Passing laws against using an unencrypted network will not actually protect anyone - it will simply give them a false sense of security.

So, if a law is needed, this is the easiest, most effective law that actually affords the protection it promises to the people who need it.

I wish we didn't need a law, but the alternative to a law is personal responsibility for ones own security, and one only has to follow the discussion boards for one or two WiFi privacy discussions to see that many people don't WANT to take responsibility for their own security, and feel that the government should somehow do it for them, when that's clearly impossible.

For conferences, restaurants, or other people who want their accounts used, the answer is really simple - secure them with a short, easy-to-type key that is printed on a card or sign that's clearly visible to all patrons or attendees.

Re:There's got to be a better way... (1)

Anssi55 (729722) | more than 4 years ago | (#32540872)

Passing laws against using an unencrypted network will not actually protect anyone - it will simply give them a false sense of security.

The law is against *unauthorized* usage of an unencrypted Wi-Fi network.

Re:There's got to be a better way... (3, Interesting)

natehoy (1608657) | more than 4 years ago | (#32541142)

I don't understand, then.

I turn on my WiFi device, and it looks for permission to use a connection. It finds a router which is clearly broadcasting its presence in a public place.

It then asks the router (which has been configured by its owner) for permission to use the network.

The router (which has been configured by its owner) grants permission and hands out an IP address for my device's use.

What part of unauthorized could possibly apply here?

This law simply clarifies the definition of "unauthorized".

Having said that, you miss the point I was trying to make.

If I want to use your open network to sniff out your credit card number, your Facebook account credentials, snoop your open network shares over your open network, there is not a law on the books which is going to technically prevent me from doing so. I'm going to collect that information, and there's about a 99.999% chance no one will ever catch me doing so. Meanwhile, you're in your house thinking the law is somehow keeping you safe. Hint: It isn't.

You might sit in your house thinking the law protects you, but that's a dangerous sense of security. It actually encourages you to run your network "open", because you think the law protects you.

If you want the law to protect your WiFi access point from unauthorized use, then this law is exactly what you want.

It establishes clear guidelines as to what "authorized" means, makes you an active participant in protecting yourself from harm, and sets a foundation that both protects you from evildoers and allows the police to identify truly unauthorized users at the same time.

Re:There's got to be a better way... (2, Interesting)

Sancho (17056) | more than 4 years ago | (#32541410)

What part of unauthorized could possibly apply here?

At least in most states in the US, there's technical ability and then there's legal authorization. I technically have the ability to open my neighbor's door and walk into their house. I do not have the legal authorization to do so. This is analogy is more apropos than most because my neighbor is handicapped and has a button which opens the door automatically if it is unlocked.

I have the technical ability to connect to most open access points. I may not have the legal authorization to do so. Just because the router is configured (by default, in most cases) to hand out addresses does not indicate that there's a legal authorization to use the network. Though it seems like about half of Slashdotters think that if you can do something, you should be authorized to--that simply isn't the way the law works.

If I want to use your open network to sniff out your credit card number, your Facebook account credentials,

These may fall under some state wiretapping laws. But your choice of wording is somewhat unfortunate. You probably aren't using the network, in these cases. You're just capturing data transmissions.

snoop your open network shares over your open network

I guess this depends on what you mean by 'snoop.' Capture files as they go across the wire? See above. Connect to the shares? That's likely a violation of the Computer Fraud and Abuse Act.

Meanwhile, you're in your house thinking the law is somehow keeping you safe.

The law doesn't perform actions, so anyone who thinks that any law keeps them safe is being silly.

What happens is that people fear getting caught, and so they don't take the actions. If there's almost no chance that they'll be caught, sure, they might not care. But that's why there are often very high penalties for these types of crimes.

Regardless, there are ways of getting caught doing passive sniffing. The law is not unenforceable. If I see you in your car outside of my house with a laptop, you might be up to no good. I could call the police to have them investigate.

Re:There's got to be a better way... (1)

tsm_sf (545316) | more than 4 years ago | (#32542180)

At least in most states in the US, there's technical ability and then there's legal authorization. I technically have the ability to open my neighbor's door and walk into their house. I do not have the legal authorization to do so. This is analogy is more apropos than most because my neighbor is handicapped and has a button which opens the door automatically if it is unlocked.

That's a bad analogy. Do we actually need an analogy for this? Does anyone reading /. not understand how this works? Modern APs come with installation cds and, damn it, a four page cartoon pamphlet showing you how to configure your gear. There is no excuse for not securing your access point if you don't want people to use it.

Fuck's sake people, it's not a car, it's not a house, it's not a wind-up toy doggie. We all understand the concept so quit with the shitty analogies.

Re:There's got to be a better way... (1)

Sancho (17056) | more than 4 years ago | (#32542284)

What? It's a technical doohicky with an optional lock that invites you in if you press a button. It's an almost perfect analogy. The difference is wholly within the culture. Technical people have a culture of "If I can do it, it's allowed." Everyone else has a culture of "If you want to use someone else's property, they need to tell you that it's ok for you to use it."

The geeks who don't get that are the ones who are fucked up.

Re:There's got to be a better way... (5, Insightful)

Mordok-DestroyerOfWo (1000167) | more than 4 years ago | (#32540216)

I'd argue that you really don't need to reinvent the wheel. I like the idea of guest accounts. Simply throttle their bandwidth to something appropriate for the activity. If you're running a hotspot and are graciously allowing your neighbors access then 10 connections with 20 kbps each seems perfectly reasonable to me.

Re:There's got to be a better way... (4, Informative)

fbjon (692006) | more than 4 years ago | (#32541150)

I do exactly this with Tomato WRT. QoS throttling for all unknown devices down to around ISDN speeds. It can be circumvented of course, but I don't really see that happening.

Re:There's got to be a better way... (1)

Korin43 (881732) | more than 4 years ago | (#32541818)

The problem is that there's only "secure with password" and "completely insecure" modes. Why isn't there a way to have encrypted anonymous access? It's obviously possible since people do it with SSL all the time.

Re:There's got to be a better way... (1)

LostCluster (625375) | more than 4 years ago | (#32542444)

The difference between "accounts for guests" and "the guest account" is that one knows takes the time to identify who you're giving access to, and the other doesn't bother. Since there's a lot of money to be made when you know your customers better, that's the better solution for business places...

Re:There's got to be a better way... (3, Interesting)

MozeeToby (1163751) | more than 4 years ago | (#32540364)

So because open WiFi doesn't work in the most extreme situations, everyone should be legally obligated not to use it? Really? That is your argument? Open WiFi works just fine at my house (with a separate 'guest' SSID that doesn't grant network access obviously), and my place of business, and the college I attended, and the park downtown, and any number of other situations. There's absolutely no reason to ban operating an open WiFi connection except to make copyright content owners happy.

Re:There's got to be a better way... (1)

LostCluster (625375) | more than 4 years ago | (#32542006)

It's Steve's Keynote, and the announcement went out to the developers and media in the audience that all cell phones and PDAs must be turned off. This isn't just for information control, but also so the demos on stage will work. Not enough people listened, and the demos failed.

There's only 11 WiFi channels, and they overlap. Basically, if there's more than 11 WiFi networks in the auditorium, there's going to be problems. The owners of the space (in this case, Steve) should have some way to control the WiFi users in the room... and if they don't want to play by the rules then they shouldn't be in Steve's room.

Re:There's got to be a better way... (4, Informative)

amazeofdeath (1102843) | more than 4 years ago | (#32542414)

There's no ban on *having* an unsecured WiFi access point in Finland. The bad wording in TFS muddles it a bit, but the point is that *unauthorized* use of an open WiFi access point is illegal currently. The new law is supposed to allow any use of open WiFi networks, as it can easily happen accidentally, the user often doesn't know whether there's a permission to use the network, and encrypting the network is pretty damn easy.

OpenBSD. (0)

Anonymous Coward | more than 4 years ago | (#32540408)

If the topic is computer security, and the question begins "There's got to be a better way to ...", then the answer is always OpenBSD. Always.

Re:OpenBSD. (1)

hardburn (141468) | more than 4 years ago | (#32541732)

OpenBSD will secure your wireless network for you, in a way that lets guests easily access it while keeping ner-do-wells out?

Or how about this one: "There's got to be a better way to encrypt web traffic than OpenSSL".

Re:There's got to be a better way... (2, Insightful)

Paracelcus (151056) | more than 4 years ago | (#32540456)

BS, we don't need more and more draconian laws that are almost impossible to enforce and make lawbreakers out of ordinary harmless Lusers.

Get tough on crime! just like the 17 year old girl who got life for having a pound of pot in her possession! We'll teach her! after 70 years in the slammer getting raped, beaten and finally forgotten she can be safely loosed upon society, her debt paid and in the final months of her life she can reflect how truly sorry she is for her transgression and how wise those laws are that prevented her from having a family or ever having even a little comfort or happiness.

USA, USA, USA!

Re:There's got to be a better way... (1)

an unsound mind (1419599) | more than 4 years ago | (#32540858)

Only, TFA is about Finland.

Where "life in jail" means 12 years. We're not USA, and we're happy to not be as strict on crime.

Re:There's got to be a better way... (1)

amazeofdeath (1102843) | more than 4 years ago | (#32542312)

"Life in jail" in Finland means life in jail. Most prisoners get out by a presidential pardon, and the mean time to get the pardon is 12 years currently, but our law can truly hold you in prison for life.

Re:There's got to be a better way... (1)

Monkeedude1212 (1560403) | more than 4 years ago | (#32541032)

Get tough on crime! just like the 17 year old girl who got life for having a pound of pot in her possession!

[...]

USA, USA, USA!

[Citation Needed]

Re:There's got to be a better way... (1)

Paracelcus (151056) | more than 4 years ago | (#32542424)

It isn't just one incident, it's literally thousands of very young people sentenced to absurd terms and even death, many times on feeble evidence that any competent attorney could successfully challenge.

http://www.commondreams.org/headlines05/1121-05.htm [commondreams.org]
http://www.commondreams.org/headlines05/1012-02.htm [commondreams.org]
http://www.commondreams.org/headline/2009/11/24-4 [commondreams.org]
http://www.nytimes.com/2005/10/03/national/03lifers.html [nytimes.com]

Re:There's got to be a better way... (1)

Anonymous Coward | more than 4 years ago | (#32540468)

QoS, Authentication AND bandwidth shaping. Basically all the stuff formerly classified as enterprise.

Consumer routers: due for some innovation: http://www.maximumpc.com/forums/viewtopic.php?t=104330

Re:There's got to be a better way... (1, Interesting)

Anonymous Coward | more than 4 years ago | (#32540560)

Forget it. Wifi is in unlicensed bands. You simply cannot protect against uncooperative users. You don't have to provide services to them, but they can always use the band as they wish. For example, it only takes two wireless video bridges to kill 2.4GHz Wifi within range of the bridges. On a Wifi network, the access point can already shape the traffic. There are other modes than open or shared key, so the individual encryption without a complicated user interface is not the norm merely due to lack of convention, not due to a technical deficiency. It is worth noting though that the encryption on the wireless interface is security theater in the case of public wireless networks, because it lacks authentication: How can the customer tell if he's logging into the wireless network of the coffee shop or the friendly hacker at the next table?

Re:There's got to be a better way... (1)

sqrt(2) (786011) | more than 4 years ago | (#32540672)

Apple's Airport routers have a guest network feature, and I think it can be configured to only give limited bandwidth and services to people on that network. If you have the password, you join the secure network and get full speed.

Re:There's got to be a better way... (1)

LostCluster (625375) | more than 4 years ago | (#32542354)

Yep, that's the direction I want to this to go. Make it easy for the admin/owner of the bandwidth in a place to control how they give it out, and easy for the user to take it or leave it.

Re:There's got to be a better way... (2, Informative)

Anssi55 (729722) | more than 4 years ago | (#32540832)

There seems to be some confusion. The law in question only forbids unauthorized access. It does not forbid unsecured Wi-Fi itself (yes, summary is wrong).
And now they may be changing the law to allow accessing unsecured Wi-Fi without asking for permission.

Re:There's got to be a better way... (2, Interesting)

vlueboy (1799360) | more than 4 years ago | (#32541366)

It was easier for me to just turn off WPA2 than to give my string or allow MAC addresses for some one-time guests the other day. Even WPS is a pain in the neck.

I think your idead of receipts is wonderful. What we need is for a company to put one Guest Button on every router, with a big juicy text LCD screen. You push the button and the LCD gives you a SHORT temp password (aiming 64-char keys would defeat the purpose) with its own LAN for the people in front of you. After a set period (configurable in your router) the lan disappears, and the MAC addresses are logged in case you want to add them to your security.

My DLink 825 is proof that companies trust users to do pretty complext stuff on consumer routers, down to IPv6 configuration, DHCP management and access rules. I'm suggesting just another feature that will sell your routers as user friendly.

Re:There's got to be a better way... (1)

LostCluster (625375) | more than 4 years ago | (#32541840)

and the MAC addresses are logged in case you want to add them to your security

You can do better than that. Tie the receipt with the temp code to the transaction that generated it. If they paid by credit card, you've got a name and identity. Even if they paid by cash, you've got the timestamp that you can take to the security camera and get a photo of the person.

Point is, nobody's download The Hurt Locker on this connection and not leaving us with a person to point to...

Re:There's got to be a better way... (1)

vlueboy (1799360) | more than 4 years ago | (#32542188)

You can do better than that. Tie the receipt with the temp code to the transaction that generated it. If they paid by credit card, you've got a name and identity.

Oh, my apologies. I was confused reading your post because I mis-interpreted receipt as something other than a business sales receipt log and moved to the home consumer perspective in my post.

You are right about the transaction logging. I just meant that mac address logging is pretty damn lacking in the home router front. I sometimes experiment removing all security so I can build blacklists instead of whitelists. I let my neighbors log in and can read their connected MAC addresses. If I am away from home and they log off, only IP's are recorded and I miss the chance to blacklist the MAC for some pesky blackberries, wireless printers, laptops and wireless motherboards, cell phones and portable videogame systems.

Re:There's got to be a better way... (1)

DigitAl56K (805623) | more than 4 years ago | (#32542250)

The big problem with unsecured WiFi is that there's no accountability.

A big problem with unsecured WiFi is that typical home systems consider the LAN non-public and safer than the WAN, and a user who doesn't know enough to secure their WiFi doesn't know enough to understand this issue either.

Gateways (4, Funny)

suso (153703) | more than 4 years ago | (#32539900)

Finland To Legalize Use of Unsecured Wi-Fi

Kids, don't you know that unsecured wifi is just a gateway. Pretty soon you'll be cracking into stuff with stronger encryption. Then where will be? Sitting on the side of the road in some bad neighborhood looking asking to borrow a power jack.

Re:Gateways (4, Funny)

ArbitraryDescriptor (1257752) | more than 4 years ago | (#32540066)

Kids, don't you know that unsecured wifi is just a gateway. Pretty soon you'll be cracking into stuff with stronger encryption. Then where will be? Sitting on the side of the road in some bad neighborhood looking asking to borrow a power jack.

That's bullshit. I didn't even try unsecured wifi until I had spent countless hours on stolen AOL passwords. If anything it's the illegal nature of wifi that draws people into harder stuff. By forcing them to hangout in seedy locales, like underground poetry bars, they are exposed to things like hipsters and thick-rimmed, non-prescription glasses; things that they would have never even heard of otherwise!

Re:Gateways (1)

suso (153703) | more than 4 years ago | (#32540204)

Alright, I'm really really serious now. This is the last time. For sure.

This is your dialup

This is AOL

This is your dialup on AOL

*sizzle*

Any questions?

Re:Gateways (5, Funny)

ArbitraryDescriptor (1257752) | more than 4 years ago | (#32540576)

Those trial CDs had your name all over them. I looked up to you, what was I supposed to think? Then the way you just left them lying around... what did you think was going to happen?

I learned it from watching you, dad. I learned it from watching you!

*sobbing ensues*

Re:Gateways (1)

Mordok-DestroyerOfWo (1000167) | more than 4 years ago | (#32540228)

I swear man! Just let me crack one more WEP and I'll go cold turkey.

Re:Gateways (3, Funny)

natehoy (1608657) | more than 4 years ago | (#32540230)

One tweet, man, that's all I need to send. Please, man, it's been hours, and I'm hurtin' real bad. I just need a couple kilobytes, man. Please. Help a guy out?

Re:Gateways (0)

Anonymous Coward | more than 4 years ago | (#32540888)

One tweet, man, that's all I need to send. Please, man, it's been hours, and I'm hurtin' real bad. I just need a couple kilobytes, man. Please. Help a guy out?

"Cool, finally found someone to let me send a tweet!"

...shit. Just one more, I promise!

Is Finland Considered (-1, Troll)

Anonymous Coward | more than 4 years ago | (#32539990)

a botnet ?

Yours In Baku [youtube.com] ,
Kilgore Trout

Move to Amsterdam --- EVERYTHING is free there (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#32540008)

Oh wait .... for some things you need a MasterCard ...

Name Change (4, Insightful)

just_another_sean (919159) | more than 4 years ago | (#32540110)

I hear by propose that Finland change the name of the Ministry of Justice to the Ministry of Common Sense and Applied Intelligence!

Imagine that, a reasonable and informed change to a law to sync with their ever changing technological landscape. I am astounded! One
only hopes others will learn from this event.

Re:Name Change (1)

N0Man74 (1620447) | more than 4 years ago | (#32540236)

Can we get guys like that in the US? And maybe like that Spanish Judge who ruled that an individual file sharing wasn't a crime against humanity while we're at it?

Re:Name Change (1)

betterunixthanunix (980855) | more than 4 years ago | (#32540250)

Maybe it is a regional thing. Sweden has yet to actually shut down TPB, Finland is changing the law to reflect technological changes...I even heard about citizens in Denmark using cryptographic protocols to maintain a fair market for small farms.

OK fine, the region does still have problems, and I am not exactly an expert on politics in those countries. Still, as an American, am I free to pretend that there are havens of sensibility.

Re:Name Change (1, Interesting)

Anonymous Coward | more than 4 years ago | (#32540386)

This didn't happen by accident. The Ministry of Justice actually recognised the Finnish Pirate Party as having expertise in the subject and asked for opinions on the matter. Glad to see they also took heed of the advice given, especially considering the party does not yet have any representatives in the parliament.

Re:Name Change (5, Informative)

DMNT (754837) | more than 4 years ago | (#32540462)

The finnish legislation standard used to be (until 2000's where they passed some questionable laws) to lay down technologically neutral laws, where the technology used played no important role but the action did. This proposed legislation is just an exception to be amended to the current law, which regulates the use of other people's property, which you currently are not allowed to use without a prior permission. Currently some of the facilities offer free WiFi without informing you of such and this behaviour would be illegal by the law even when it's not easy to detect or to prosecute. So they are for the sake of clarity, going to make an exception because it is often hard to find out whether you're allowed to use the open network or not.

The human translation for newstext:

Joining a wireless accesspoint to be legalized

The ministry of justice is forming a law to allow use of unprotected WiFi access points. By the current law the unauthorized use of open networks has been illegal.

The exception is rationalized by for example, the lack of harm done, impossibility of oversight and the relative easiness of protecting the network. For the end user it is also often difficult to find out when the network is meant for public use and when it is not.

The statements received by the ministry of justice (which includes EFFI, Electronic Frontier Finland, by transl.) remind that the avilability of free WiFi access has increased in public space such as parks and air fields and they don't always inform the end user of the free availability.

According to the ministry of justice, there has been only one sentence for the use of unsecured WiFi by the district court. Higher court upheld the decision and it never went to the supreme court.

Most of the statements were for the legalization. However, many of them held it in high value that the owner of the access point should be held innocent in case of the illegal use of the access point.

Experts' opinion is that a lot of the WiFi access points are unsecured and the unauthorized use of them is common. Securing of the access point is usually easy when following the manuals of the access point.

The unauthorized use of the access point might slow the network down but it is hard to note unless there's a lot of file transfers compared to the bandwidth available.

Re:Name Change (1)

amazeofdeath (1102843) | more than 4 years ago | (#32542538)

Yeah, the legislation was mostly sane (not counting firearms laws), but after Lex Karpela it has gone downhill very fast.

Wow! (0)

Anonymous Coward | more than 4 years ago | (#32540464)

Wow, a policy that criminalizes a nearly victimless activity (who really notices if someone is checking their email on their network?), is impossible to police, and 'perpetrators' could be doing so mistakenly being repealed for those reasons?

Almost gives a man hope in government. At least Finish government.

Re:Name Change (1, Redundant)

DMNT (754837) | more than 4 years ago | (#32540492)

The finnish legislation standard used to be (until 2000's where they passed some questionable laws) to lay down technologically neutral laws, where the technology used played no important role but the actual action by the person did no matter what the tool used. This proposed legislation is just an exception to be amended to the current law, which regulates the use of other people's property, which you currently are not allowed to use without a prior permission. Currently some of the facilities offer free WiFi without informing you of such and this behaviour would be illegal by the law even when it's not easy to detect or to prosecute. So they are for the sake of clarity, going to make an exception because it is often hard to find out whether you're allowed to use the open network or not.

The human translation for newstext:

Joining a wireless accesspoint to be legalized

The ministry of justice is forming a law to allow use of unprotected WiFi access points. By the current law the unauthorized use of open networks has been illegal.

The exception is rationalized by for example, the lack of harm done, impossibility of oversight and the relative easiness of protecting the network. For the end user it is also often difficult to find out when the network is meant for public use and when it is not.

The statements received by the ministry of justice (which includes EFFI, Electronic Frontier Finland, by transl.) remind that the avilability of free WiFi access has increased in public space such as parks and air fields and they don't always inform the end user of the free availability.

According to the ministry of justice, there has been only one sentence for the use of unsecured WiFi by the district court. Higher court upheld the decision and it never went to the supreme court.

Most of the statements were for the legalization. However, many of them held it in high value that the owner of the access point should be held innocent in case of the illegal use of the access point.

Experts' opinion is that a lot of the WiFi access points are unsecured and the unauthorized use of them is common. Securing of the access point is usually easy when following the manuals of the access point.

The unauthorized use of the access point might slow the network down but it is hard to note unless there's a lot of file transfers compared to the bandwidth available.

Re:Name Change (1)

SplashMyBandit (1543257) | more than 4 years ago | (#32540552)

What is surprising (to me at least) is that the unsecured WiFi was illegal in the first place. I find that disturbing that Finnish laws are so intrusive in the first place. Maybe tolerance of such things is why they have one of the most peaceful and least corrupt countries in the World. However, the original law shows the Government has no problem reaching into individual freedoms (yes, I know that Finland is not alone in this).

Re:Name Change (1)

betterunixthanunix (980855) | more than 4 years ago | (#32540660)

It could be worse -- the law could have stated that failing to secure a wifi network is a crime.

Re:Name Change (2, Informative)

Anssi55 (729722) | more than 4 years ago | (#32540898)

What is surprising (to me at least) is that the unsecured WiFi was illegal in the first place.

Only accessing them without a permission is illegal (as said in TFA; the summary fails to mention that, however)

Re:Name Change (1)

amazeofdeath (1102843) | more than 4 years ago | (#32542582)

The summary is basically right, the wording just muddles the content. You are right in that having an open WLAN access point is and has been legal, any unauthorized use has been illegal, and the latter is about tho change.

Re:Name Change (1)

tdc_vga (787793) | more than 4 years ago | (#32541024)

Or maybe they got the idea from Tennessee, who has had this on the books for a number of years? See Tenn. Statutes: 39-14-602(b)(1):

Accesses any computer, computer system, or computer network commits a Class C misdemeanor. Operating a computer network in such a way as to allow anonymous access to that network shall constitute implicit consent to access under this part

[link] [michie.com]

Barnes and Nobel (4, Interesting)

orsty3001 (1377575) | more than 4 years ago | (#32540192)

Just do what Barnes and Nobel does. If you try to connect to their system it will want to text you a temporary access code.

Re:Barnes and Nobel (1, Insightful)

Anonymous Coward | more than 4 years ago | (#32540340)

So you have to access their system, give them your phone number, wait for the text message, then enter a lengthy code on a mobile device and then you can use the wireless network. That sounds so user-friendly, I wonder why this isn't more common. </sarcasm>

Re:Barnes and Nobel (1)

Piranhaa (672441) | more than 4 years ago | (#32540994)

The link to the AP is still unencrypted then. I don't think Barnes and Nobel sets up a tunnel between you and the AP, so your Facebook chats and msn chats are all wide open for people to see.

The only way around this is to have TWO APs setup. One to GET the access code, or WPA/WEP key, while the other to actually connect to for wireless - but then everyone is using the same encryption key anyways.

Huh? (-1, Troll)

Anonymous Coward | more than 4 years ago | (#32540274)

How can they both "legalize" and "criminalize" the use of something? Did the editor not notice this complete contradiction of the title versus what the summary says?

Re:Huh? (0)

Anonymous Coward | more than 4 years ago | (#32540422)

"Changes to a law" that criminalizes it.

Reading comprehension sure is hard, isn't it?

Re:Huh? (0)

Anonymous Coward | more than 4 years ago | (#32540446)

Thank you for wasting your time responding to my post that was purely trolling. I got a chuckle out of it.

Re:Huh? (1)

satoshi1 (794000) | more than 4 years ago | (#32540694)

It's only trolling now that you've been caught.

Re:Huh? (1)

Changa_MC (827317) | more than 4 years ago | (#32541878)

You do realize that AC isn't his name, so "caught" is a bit off.

I suspect it's two people, one trolling and posting to say he's trolling.

DISREGARD THAT, I SUCK COCKS.

Re:Huh? (1)

91degrees (207121) | more than 4 years ago | (#32541010)

It is ambiguous though. The statement could be referring to the law or the changes to the law as the thing that criminalises use of unsecured networks.

Re:Huh? (1)

TruthSauce (1813784) | more than 4 years ago | (#32540448)

haha. what?

The Finnish Ministry of Justice has started preparing changes to a current law that criminalizes using unsecured wireless hot spots

There is a law... they are changing that law.

Which part was hard to understand?

Re:Huh? (1)

easterberry (1826250) | more than 4 years ago | (#32540484)

I believe it works like this. First there was no law about it.

They then criminalized it.

At that point it was illegal.

Now they are thinking of repealing the law they made which criminalized it, thus, legalizing it.

make sense?

Scandinavian countries seem wise (5, Insightful)

TruthSauce (1813784) | more than 4 years ago | (#32540414)

There are a lot of common sense ideas in the Scandinavian countries.

I've been thinking about it and I think that perhaps it's related to their increased tolerance for failure. A Swede or Norwegian or Finn is able to say "yes, this was a mistake" and not be derided in public for it.

The concept that humans aren't perfect isn't lost on these people as it seems to be in much of the rest of the world.

Another great example of this is the sex offender registries in the area. They're not only non-existent, they're actually illegal. They contend that it is a gross violation of personal privacy for those who already served their time and point out (probably correctly) that they do very little than encourage fear and paranoia amongst the populace. There was even a very public protest in OPPOSITION to a group who set up a private registry with similar information, after which, the site was removed due to its illegal content (in violation of local privacy laws).

To bring up another example, in these countries, there are very few frivolous lawsuits, as the system is carefully balanced to make it burdensome to bring one.

It is much easier for a judge to deem the plaintiff liable for all court costs and all defense costs if he feels the lawsuit was brought with malice or with little hope of succeeding.

Additionally, the state represents both parties in some cases, removing the financial burden of defending yourself from lawsuits. What they then do is place that burden on one of the parties in the case that they have been shown to be "willfully" out of compliance with civil law, but in cases where it is a genuine misunderstanding, the costs are absorbed by the system.

Rather than having a heirarchy where the rich can do whatever they want and the poor get fucked. Or a system where the powerful control everything and those down on their luck are brazenly left out to dry, these countries seem to have found a balance.

Also, worth noting, that these countries, despite their low populations and high standard of living, are not in the list of struggling economies, even during this "European crisis".

Absolutely brilliant. :-)

Re:Scandinavian countries seem wise (4, Informative)

dropadrop (1057046) | more than 4 years ago | (#32540938)

Also, worth noting, that these countries, despite their low populations and high standard of living, are not in the list of struggling economies, even during this "European crisis".

Absolutely brilliant. :-)

To be fair, Finland and Sweden have not been doing especially well during this crisis. Both countries are highly dependent on exports that have been doing badly. Finland had a huge drop in both exports and gdp (In Finland GDP was -7.8% last year, a drop of 9% since the previous year) during 2009, and the government took a huge loan just to keep things running. The good part is, that we don't have as much debt as more southern countries, so on the big picture things still look ok.

Re:Scandinavian countries seem wise (2, Informative)

Second_Derivative (257815) | more than 4 years ago | (#32541494)

It's also the country that passed Lex Nokia [bloomberg.com] not too long ago. Certainly the Finnish situation isn't as bad as it is in the UK and the US, but it's still not perfect.

Re:Scandinavian countries seem wise (3, Interesting)

Luckyo (1726890) | more than 4 years ago | (#32541932)

There is a funny thing about that law. Up to this point, NOT A SINGLE COMPANY USED IT.
Because there is a clause in the law stating that to use the law to monitor your employees, you are required to inform a government official in charge of privacy investigation, essentially making it public that you're using the law. And the public backlash because of the law was so heavy, that not a single company wants to be known as "the first company to start using that unfair snooping law".

So the law is in place, but no one wants the bad rep for using it. So it's not being used. A sort of classic nordic common sense, very similar to what we did when christians came with their crusades to bring the religion. Obey them while they have the upper hand, but dig your idols back from the ground when the guys with big swords leave. Same here, once the big money behind the law lobby has gone away, the pressure has been put not to actually put law to use.

This sort of common sense is why our criminal law allows police to conduct immediate house searches without court warrant based on suspicion of any crime with potential punishment of 6 months jail or more. It's there, and it's used to catch mainly marijuana growers and resellers. But its abuse for purposes other then that is minimal-to-nonexistent, because folks at police know - if they abuse it even once in a noticeable way, they'll lose the law.
It's that mutual respect between the law and it's executors and general population that is unique to Nordic countries, and why authorities tend to have more leeway legally, and yet rarely if every abuse it clocking lowest corruption figures in the world.

Re:Scandinavian countries seem wise (0)

Anonymous Coward | more than 4 years ago | (#32541994)

After reading what the law actually does...what's your point? So as an employer I will now be able to know who sent and email to whom and the size of the attachments (if any) - but not the content! And to do so I must publish and make know the policy to all employees and the government (not do so behind anyone's back) and this only applies to email on sent to and from my company's domain. - Hands Second Derivative his tin hat back - seems more then reasonable.

Re:Scandinavian countries seem wise (0)

Anonymous Coward | more than 4 years ago | (#32542298)

Mod up sex offender parent.

Re:Scandinavian countries seem wise (0)

Anonymous Coward | more than 4 years ago | (#32542548)

Nothing a little corruption can't fix in the name of "free market" justice.

Finish law (0)

Anonymous Coward | more than 4 years ago | (#32540428)

So basically what you are saying is that the law that criminalizes using unsecured wireless hot spots is finished.

Great News! (0)

crow_t_robot (528562) | more than 4 years ago | (#32540522)

Someone let me know when they decriminalize the use of unsecured automobiles and females and I'll start packing my stuff.

Re:Great News! (0)

Anonymous Coward | more than 4 years ago | (#32541182)

the use of unsecured automobiles

It's been legal for a long time. We call it public transportation. It also works pretty well.

Wrongheaded assumption (-1)

Anonymous Coward | more than 4 years ago | (#32540798)

Does the ubiquity of public places like airports, businesses and town halls mean that if I leave my front door unlocked someone should just be able to walk in and I have no recourse to have them arrested for trespassing?

I think the reasoning behind this is flawed. Because there are a lot of public things in the world doesn't mean that my unlocked door is difficult to ascertain isn't there for you to walk through. Unless the hotspot advertises itself as public the proper assumption is that, like a home without a business sign in front of it, you don't walk in without knocking. That is the kind of assumption that privacy laws are based on. The assumption that everything is public unless locked is the opposite of privacy protections.

*I think people who don't lock down their network are stupid. But that doesn't mean it should be legal for other to take advantage of their stupidity.

Silly justification (1)

91degrees (207121) | more than 4 years ago | (#32540876)

Well the laws that make this illegal have typically been a little inappropriate - dating back to the 1980's to deal with people hacking into mainframes rather than a harmless bit of sneaky freeloading.

Still, I think part of the justification is silly. "It is also hard for a user to know if an unsecured network is intended for public use or not." No it isn't. Does it have a name along the lines of "free wi-fi", or are there posters up telling you that there's free wireless internet? If so then it's probably intended for public use. Does it have a a name like D-LINK-N300? If so it's probably not intended for public use. If you're not sure, don't use it. Err on the side of caution. It's not that hard. You don't assume that unlocked bikes are free for public use after all.

Hear,hear... (1)

MattBD (1157291) | more than 4 years ago | (#32541278)

The UK's laws on use of unsecured wi-fi are asinine in the extreme. People have been prosecuted for using unsecured home access points to check their email in the past. I think laws should recognise that computers and smartphones will, by default, connect to an unsecured access point (presumably manufacturers set it up this way because it's easier for non-technical end users) and that the onus is therefore on the access point owner to secure the device if he wants to limit access to it. By broadcasting its SSID he is quite blatantly offering a public service, and IMHO he has NO right whatsoever to complain that people are using that public service if he has not secured it. There is no way of telling just from a list of access points whether one is intended for public access or not, and in fact many people do keep their wi-fi unsecured specifically to allow for public access. By setting up WEP or WPA on an access point, or by using an alternative method of securing the access point such as a captive portal, the owner is clearly indicating that the access point is not for public use. If someone chooses to try and break the encryption or use some other method to get around this, then that probably should be a crime.

TFsubmission is misleading... (1)

blind biker (1066130) | more than 4 years ago | (#32541588)

I live in Finland, and I have been using unsecured Wi-Fi nets since at least 4 years (maybe longer) perfectly legally. In some cities (Oulu) it is a service offered by the municipality, in others it's part of the student campus facilities, etc. etc. In theory, you were not allowed to use your neighbor's Wi-Fi (if you knew it's his/hers), though I have never heard that being enforced, ever. This law just makes the point wholly moot.

Re:TFsubmission is misleading... (1)

amazeofdeath (1102843) | more than 4 years ago | (#32542210)

Did you not know that you do have explicit permission to use those public municipal networks? They publish ToU online on their site, and that's fine by the law. Using your neighbour's network accidentally or not is a criminal offence, unless the neighbour really is providing a public service. As the Finnish article says, there was a guy (IIRC, in Salo), who did some hacking and "accidentally" used his neighbour's connections for it; he got caught and got sentenced for the unauthorized use. All in all, the translation is quite accurate.

- Another Finnish citizen

Unsecured wireless isn't illegal and shouldn't be. (1)

moxley (895517) | more than 4 years ago | (#32541858)

Unsecured wireless isn't illegal in most places and shouldn't be.

I'm aware of all of the potential issues, but the implications of government control; being forced to secure something if you don't wish to - are far worse.

Re:Unsecured wireless isn't illegal and shouldn't (3, Informative)

amazeofdeath (1102843) | more than 4 years ago | (#32542278)

It isn't illegal in Finland, *unauthorized* use of unsecured WiFi connections is currently. The lawmakers are trying to clear the situation, as the user can't know whether he has a permission or not to use the open connection. The current law defaults to no permission, the new should default to open -> permission.

Re:Unsecured wireless isn't illegal and shouldn't (1)

LostCluster (625375) | more than 4 years ago | (#32542526)

Yep. Just put the legal liability for any illegal activity done over the WiFi to the owner of the Internet gateway address unless they can tell you who did it and we'll be all set.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?