Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

War Driving To Be Protected In NH

CmdrTaco posted more than 11 years ago | from the baby-steps-in-the-right-direction dept.

Wireless Networking 387

AllMightyPaul writes "A big article on Wired.com talks about the new House Bill 495 that would legalize the innocent stumbling upon open wireless networks. Basically, it put the burden of securing a wireless network on the owner of the network and allows people to connect to open networks that they believe are supposed to be open. This is excellent news as I'm sure we've all tried to connect to one wireless network and ended up accidentally connecting to another one. Being from NH, now I can finally drive through Manchester and connect anywhere I want with little worry, but not until after January 2004, and that's if the bill passes the Senate."

cancel ×

387 comments

Foist for Eugenia! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5835168)

Another Night Defender post!

Claim this first with straight troll fiction!

The Night Defender! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5835221)

Sweating and farting nervously on the verge of mental meltdown, ELQ reloads each of her precious OSNews pages, making sure all is well. Fifty Internet Explorer windows are open in Windows XP, it's grinding the hard drive to death. ELQ's cable modem and NIC activity LEDs are nearly solid from the raw frenzy of almost constant browser reloading. Eugenia's eyes twitch rapidly from window to window with Mercurial speed to make sure that any rogue comments do not escape her attention, always hitting her refresh buttons with pinpoint accuracy. No logical order for checking, purely random and impulse driven by raw Mediterranean temper, stopping for the occasional savage bite from a pork loin still affixed to the bone, Eugenia's eyes never leave the monitor.

"N-n-n-n NO! No TIME for Dance Dance Revolution, oh but it's been so long! I cannot allow the BASTARD flooders' comments to be seen. MY DOMAIN IS SACRED!"

Hair is frizzled and days unwashed, ass-crack just barely half wiped in a frenzy to return to her monitor, having taken a large shit earlier. No time to flush! Her armpits are over-ridden with pubic hair, her fat flaps reek of B.O. and yeast from days of neglect and hour upon hour of sweating. Relentless sweating.

"Cannot to be keeps up this pace! I may be need to go to hospital for exhaustions" she pants in desperation, wiping the sweat from a matted hair lock with her week-old t-shirt offering.

The hour of judgment approaches! Comment number 45 in thread 374 is clearly of anti-Greek sentiment! It reads "Eugenia continues to post yet another story that's simply ripped off from other websites. How much longer can this continue? It's my opinion that she has poor editorial skills. I think they should be revoked."

"YOU BASTARD FUCK!", Eugenia erupts in raw hatred, simultaneously ripping a 120 decibel-at-1-meter fart into the back of her chair. "Nobody is to be attack my site!" Eugenia blasts away at 10 words per minute in a barely-coherent broken English. She's on a mission. After several hours, the words on the screen are completely shattered and in disarray, they make no sense. Eugenia is impressed with her English progress and submits her lousy retort. Relaxing only for several seconds to savor the rush, she continues her patrol, sleepless into the night.

Its excellent news..... (0, Flamebait)

NDPTAL85 (260093) | more than 11 years ago | (#5835172)

...because now you can legally steal bandwidth other people paid for?

Yay theft of services!

Re:Its excellent news..... (2, Insightful)

FifteenSquids (647416) | more than 11 years ago | (#5835185)

Yes, if they are stupid enough not to secure their network.

Re:Its excellent news..... (0)

Anonymous Coward | more than 11 years ago | (#5835261)

Yeah... way to go with the looter attitude.
What are you, like 12?
Yes, people can be stupid/not know how to secure their network, but that doesn't make ripping them off right.

Re:Its excellent news..... (1, Insightful)

Anonymous Coward | more than 11 years ago | (#5835320)

I don't see how this is "ripping them off". Unless you're in an area where the ISPs charge by how much data is transferred and not just for the bandwidth (very few places) then you're not stealing anything from the person.

Of course you are. (1, Interesting)

Anonymous Coward | more than 11 years ago | (#5835510)

They paid for their connection (whatever speed that may be). You didn't - plain and simple.
That said, if you're putting in a wireless network in your house, it's in your best interests to lock it down, unless of course you want it to resemble cable access at 8PM, anywhere USA.

Re:Its excellent news..... (2, Interesting)

Anonymous Coward | more than 11 years ago | (#5835237)

...because now you can legally steal bandwidth other people paid for?

Why not? It's legal to listen to your neighbors phone conversation if he chooses to braodcast his phone conversation into your house using an older portable phone that doesn't have any anti-listening technology built into it even though you have politely informed them of this.

As other posters have pointed out... (3, Insightful)

Anonymous Coward | more than 11 years ago | (#5835362)

Just because it's legal, that doesn't mean it's ethical.
Frankly, I'm kind of appalled at this line of thinking. When did it become out of fashion to be a decent human being?

Re:Its excellent news..... (4, Insightful)

Ravenscall (12240) | more than 11 years ago | (#5835240)

Well, as the article says, if they want to use a wireless network, the burden falls apon them, nit the state to make sure that network is secure.

Frankly, I feel that this is a good approach to hacking in general. Why should buisineses, who often lobby to pay the state less in tax revenue and whatnot, still expect the state to prosecute people who break into thier networks because they were too lazy to apply a patch?

Now, as a caveat to this, I feel that if the company can show that they took all reasonable precautions to secure thier network, then the state should go ahead with prosecution. This way a company that is 'following the rules' is not unduly punished, but the company that is too lazy or too cheap to implement good security is, and cannot fall back on fear of the state to be thier security apparatus.

Re:Its excellent news..... (4, Insightful)

Surak (18578) | more than 11 years ago | (#5835335)

Waitaminute. What you're saying -- in essence -- is that you think it should be *legal* for people to enter your house without your permission if you're too stupid/lazy to keep your door unlocked. I'm sorry, I have to disagree with you. Unlawful entry is unlawful entry, and unlawful hacking is unlawful hacking.

That being said, I think it's completely different with wireless networks precisely because you don't even know what network you're picking up -- and you can pick up the network completely by accident. This is in effect similar to the case where an non-scrambled phone conversation is picked up via a scanner accidentally...perfectly legal to listen in, at least in most states.

Re:Its excellent news..... (1)

Ravenscall (12240) | more than 11 years ago | (#5835378)

A house is not a network, trying to say it is is somewhat pointless.

And frankly, yes, I do believe that if you do not lock your door, you are just begging for people just to waltz in. I have lived in some pretty bad neighborhoods. To me these concepts are common sense. If you don't want people walking into your house, lock your door. If you do not want people accessing your wireless network, secure it. If you have taken these precautions, and somebody forcibly enters either, then you are well within your rights to press charges, and there is not a damn thing the perpetrator can use in thier defense.

Re:Its excellent news..... (1, Insightful)

Anonymous Coward | more than 11 years ago | (#5835255)

This argument is weak anyways because very few consumers pay per bandwidth usage. Usually you pay a fee for the service of having unlimited internet connectivity with a capped speed. This is like accusing your friend who is watching Cable TV with you, and then accusing him of stealing your cable, because you paid for it.. not him. If you can't secure your wireless, don't get wireless. It's as simple as that.

Re:Its excellent news..... (0)

Anonymous Coward | more than 11 years ago | (#5835389)

Your analogy is flawed. Maybe this will ring true: two people can sit in front a TV, but two people can't talk on the same phone line at the same time.

Not to mention, none of these war drivers are my friends. If I really wanted them to share my network, I'd tell them. Otherwise, they should stay the hell off it. Plain and simple.

Re:Its excellent news..... (0)

Anonymous Coward | more than 11 years ago | (#5835444)

but two people can share an internet connection...

Re:Its excellent news..... (2, Insightful)

silas_moeckel (234313) | more than 11 years ago | (#5835288)

It's good news because it explicitly says it's ok to connect to a network that you dont know to be closed. Computer do this automaticaly so this is a needed protection. It's about the same as a door if it's not locked and looks to be something open to the publi you can go through it but install one of those little luggage locks and now it's not legal to go through it even through it's trivial to break it.

Re:Its excellent news..... (1)

iabervon (1971) | more than 11 years ago | (#5835306)

You can legally use bandwidth other people have kindly provided to the general public. It's up to people who don't want you to use their bandwidth to do something to make it clear that they don't want you to use their bandwidth. This might actually make WEP somewhat useful; it's pretty easy to break, but not automatic, so it serves to signal that you shouldn't just use the network.

Re:Its excellent news..... (5, Insightful)

Anonymous Coward | more than 11 years ago | (#5835338)

Well, I don't know about you, but here in NC if I drive through a nearby office park with Kismet there's a spot with EIGHT IDENTICAL members of the "linksys public access network" if you know what I mean (LinkSys products with default unprotected configs).

If I were to hypothetically sniff some of these packets, I might hypothetically discover that they are going to different ISPs, which makes me hypothetically believe that most if not all of these belong to different companies.

So imagine you are an employee of one of these companies and the boss tells you "hook up to the linksys" ... you might just be committing a crime and theft of service if you pick the wrong one.

This law puts the burden on the hardware owner to make the fucking tiniest effort (I'm not talking IPsec or even turning on WEP .. how about just renaming your access point to "PRIVATE ACCESS" or something that takes half a brain cell)....

This is GOOD, not BAD.

The signal is physically going through my body and if it doesn't say "Don't Use Me", then by fuck, I'm going to use it! I figure that's in exchange for the 0.00001% increased cancer risk. :-)

I debated going into these businesses and telling them that I'm a computer security professional and would be happy to give them some free consulting but then I decided at least one of them would get panicky and have me arrested. "But .. how do you KNOW we have a wireless network ... from OUTSIDE??? You must be a TERRORIST!"

No good deed goes unpunished you know.

Re:Its excellent news..... (2, Insightful)

pstate (562271) | more than 11 years ago | (#5835396)

IMHO this will be shot down. I HATE to sound like the RIAA, but stealing is stealing. If I leave the my keys in my car and the door unlocked, does that mean that the person who steals my car is not guilty? The problem with notion of "reasonable" deterrence is what constitutes that? If I left my keys in the car, but locked the doors is that reasonable deterrence versus if instead I left the doors unlocked, but removed the keys? What if I left my locked car with no keys inside in a "bad" neighborhood or I own a car that is a prime target for thieves?

Re:Its excellent news..... (2, Informative)

Tevye (551399) | more than 11 years ago | (#5835467)

If I leave the my keys in my car and the door unlocked, does that mean that the person who steals my car is not guilty? The problem with notion of "reasonable" deterrence is what constitutes that? If I left my keys in the car, but locked the doors is that reasonable deterrence versus if instead I left the doors unlocked, but removed the keys? What if I left my locked car with no keys inside in a "bad" neighborhood or I own a car that is a prime target for thieves?

You're right in that stealing is stealing. But prosecution is not just prosecution. Perhaps the cars are a bad example, so let's look at houses. If you leave your house unlocked and someone enters, that's unlawful entry. If you lock your house and someone enters, that's breaking and entering which will impose a stiffer fine. There is a difference, and laws like these help to recognize them. Breaking into a network is still illegal. Wandering into it won't necessarily be illegal anymore, even though it's unauthorized (did they explicitly invite you in? it's unathorized)

New Hampshire (4, Funny)

Enzondio (110173) | more than 11 years ago | (#5835181)

This is what we should expect from New Hampshire

Live free or die!

Re:New Hampshire (1)

the_bahua (411625) | more than 11 years ago | (#5835388)

Damn straight! I wish more states had the focus on freedom than NH has.

Also, this just plain makes sense.

Re:New Hampshire (2, Interesting)

Kadagan AU (638260) | more than 11 years ago | (#5835436)

Yeah, I really miss living in NH, I grew up there, and moved to Pittsburgh (PA, not NH) with my parents a fwe years back... Now I'm stuck with a really good job that I'd hate to leave, but an extremely powerful urge to go back up there where there's real mountains, and so much more freedom... Stoopid seat belt and helmet laws... and income tax... so much income tax.. and sales tax.. I miss not having these things. I miss keeping my hard earned cash. I miss having legalized war driving ;)

-Jon

Who brought out the clue-by-four? (0)

arcadum (528303) | more than 11 years ago | (#5835187)

Finally someone is passing the blame to those that are at fault.

Re:Who brought out the clue-by-four? (4, Interesting)

delcielo (217760) | more than 11 years ago | (#5835416)

Okay, I'll bite.

If you're talking about this law protecting the innocent person who accidentally connects to a different network than they intended, I'd agree.

If you're talking about somebody who is intentionally wardriving looking for networks that he/she can get into and explore for juicy stuff, then I'll disagree.

Certainly, the admins of such networks have acted irresponsibly (assuming it wasn't some incredible new hack that broke into a secured network); but that doesn't mean the wardriver has no culpability in this situation.

This is one of those areas where the law can't cover everything. It's wrong to walk into an open house and take things when you know the owners didn't want you in there. Whether or not the door was open, and whether or not there was a welcome mat on the porch, you damned well know you shouldn't walk into a stranger's house and take their things.

And when you did, it wouldn't be the owner's fault that you're a worthless amoral turd. It would still be yours; whether or not they were stupid.

faggot fuck (-1, Troll)

Anonymous Coward | more than 11 years ago | (#5835191)

kekekek kenspy is a faggot fuck cock tits ass fp no fuck

Legalize it? (5, Insightful)

xchino (591175) | more than 11 years ago | (#5835194)

So was it previously illegal? AKAIK, there are no laws against war driving, so while they may have protected this right, they didn't legalize it. Definately a step in the right direction, though.. it's so infrequent that we see lawmakers making laws to PROTECT our freedoms rather than remove them.

Re:Legalize it? (4, Informative)

sharekk (654035) | more than 11 years ago | (#5835299)

From the article: "Like most state and federal computer crime laws, New Hampshire's existing statute says it is a crime to knowingly access any computer network without authorization"

Basically before if you were driving past a starbucks and picked up their connection you could be doing something illegal. I expect it's still illegal to crack WEP (easy as it may be) but using random open wireless is Ok.

Re:Legalize it? (0)

Anonymous Coward | more than 11 years ago | (#5835324)

what's AKAIK?

Re:Legalize it? (1)

Jester99 (23135) | more than 11 years ago | (#5835380)

A typo. He meant "AFAIK", or "As Far As I Know."

Re:Legalize it? (1)

Kredal (566494) | more than 11 years ago | (#5835446)

"As Keenly As I Know", AFAIK.

IANAL, though. (:

Re:Legalize it? (5, Insightful)

mcworksbio (571932) | more than 11 years ago | (#5835451)

infrequent that we see lawmakers making laws to PROTECT our freedoms rather than remove them

IMHO this is not a good thing. One of the problems Americans face today is the presence of so many laws reducing explicit or implied freedoms, as you noted. Yet explicitly stating in statute tangible freedoms contradicts the Constitutional notion of preexisting rights fundamental to the human condition. The goal of the Constitution is to recognize freedom, protect it, and limit rights only to the extent necessary to support the common good.

At first blush you are right, its about time we had freedoms recognized by politicians. But I would much rather see them tear down thousands of bad laws and restrictions, and get a couple of really good, common sense ones in there, and enforce them. I don't want to start to have my freedoms enumerated by a Congress, Court, or Executive.

P.S. This is all without respect to political affiliation. Wireless, RIAA, M$ monopolies, Guns, Abortion, Environment...all these issues may have different sides, and all need applicable laws, but I am just saying that the laws should not state a freedom and protect it, only restrict abuses contrary to the will of the Constitution, the people, and the common good.

Where is NH? (1, Funny)

Anonymous Coward | more than 11 years ago | (#5835195)

Where in the world is this place?

Re:Where is NH? (4, Insightful)

blixel (158224) | more than 11 years ago | (#5835275)

Where in the world is this place?

New Hampshire is bordered by Canada on the north and by Massachusetts on the south. On the east, New Hampshire is bordered by the Atlantic Ocean and Maine and on the west, New Hamsphire is bordered by Vermont.

And for all you Wardrivers... it's
Longitude: 70 37'W to 72 37'W
Latitude: 42 40'N to 45 18'N

Re:Where is NH? (-1)

Proctal Relapse (467579) | more than 11 years ago | (#5835277)

New Hampshire is north and east of everything in America that sucks.

bah (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5835197)

okayyyyyyyy

Wait a second... (5, Insightful)

b0r1s (170449) | more than 11 years ago | (#5835200)

There are still real moral issues here with whether or not it's actually RIGHT to connect to other people's networks. Just because the networks are not completely secure, you're still not justified in connecting to them, specifically if your reason to connect is to abuse them.

The law has decent motivation, but it's basically saying "Go ahead and break into wireless networks, because if they're not completely secure, it's not your fault." What happens when people start snooping the traffic, stealing corporate secrets, and then claim that the wireless network wasn't secure, so they can't be responsible?

Re:Wait a second... (5, Insightful)

bluprint (557000) | more than 11 years ago | (#5835273)

I think the point is that the burden of deciding wether a person/company intended for a network to be open shouldn't be placed on the individual, but rather, on the person who set up the network.

Re:Wait a second... (5, Informative)

b0r1s (170449) | more than 11 years ago | (#5835524)

Here's the text:

1Computer Related Offenses; Network Security. Amend RSA 638:17, I to read as follows:

I.
  • (a) A person is guilty of the computer crime of unauthorized access to a computer or computer network when, knowing that the person is not authorized to do so, he or she knowingly accesses or causes to be accessed any computer or computer network without authorization. It shall be an affirmative defense to a prosecution for unauthorized access to a computer or computer network that:

    • (1) The person reasonably believed that the owner of the computer or computer network, or a person empowered to license access thereto, had authorized him or her to access; or

    • (2) The person reasonably believed that the owner of the computer or computer network, or a person empowered to license access thereto, would have authorized the person to access without payment of any consideration; or

    • (3) The person reasonably could not have known that his or her access was unauthorized.


  • (b) The owner of a wireless computer network shall be responsible for securing such computer network. It shall be an affirmative defense to a prosecution for unauthorized access to a wireless computer network if the unauthorized access complies with the conditions set forth in subparagraph I(a)(1)-(3).



So, the way I read it is: the owner is responsible for securing the network, but its legal IF and ONLY IF you were legally granted access, would have been granted access if asked, or had no way of knowing whether or not you were allowed to use the network.

This doesn't protect wardriving at all: if you're knowingly going around looking for unsecured wireless access points, you've already failed 1 & 2. The only issue up for debate is 3: would you have known that you were not authorized? I'm sure once this hits court, the party with the better lawyer is going to win.

Morals vs. Practical Issues. (3, Insightful)

Corvaith (538529) | more than 11 years ago | (#5835310)

I don't care whether wardriving is legal or not. I don't do it. I do, however, use my laptop--with its wireless card in, I never bother to remove it, but not with any kind of extra antenna or anything--in the car when riding with other people, occasionally. Windows has on numerous occasions thoughtfully informed me, in the middle of nowhere, that it had connected me to whatever network it happened to find.

And as long as things are set up so that connecting to the network doesn't involve anything more than just happening to be where that network is, the idea that you could be prosecuted for 'breaking into' their network is a scary one. There's often no 'breaking' involved. If I end up connected to somebody's network, and it required nothing more than a laptop configured for my *usual* wireless access, then no, it's not my fault.

If you have a wireless network and you're using it to transmit 'corporate secrets', etc, then secure the thing. People who run around purposefully trying to find other people's networks to go online from are a little slimy, maybe, but it's not 'breaking in'. It's complaining that somebody's sitting on the chair you happened to leave on the sidewalk. It may be your private resource, but you've left it sitting in public space with absolutely nothing to indicate that people *shouldn't* sit in it. And the average stranger who does is probably just resting his feet, not sabotaging your property.

Re:Wait a second... (0)

Anonymous Coward | more than 11 years ago | (#5835382)

I'm not sure how far the bill itself goes in protecting the rights of a "drive by networking," however I would think that a network with zero encryption on it would be the owner's fault for it being insecure. If there was some sort of deturrent, then it's been h4x0r3d. Now the only legal jargon left is to define "deturrent"

Right of use doesn't equal abuse... (3, Insightful)

Mr. Underbridge (666784) | more than 11 years ago | (#5835480)

The law has decent motivation, but it's basically saying "Go ahead and break into wireless networks, because if they're not completely secure, it's not your fault." What happens when people start snooping the traffic, stealing corporate secrets, and then claim that the wireless network wasn't secure, so they can't be responsible?

Come on, that's like saying that if I'm allowed to enter a business with an open door, then I'm also allowed, by default, to rob the place and give the owner a Dirty Sanchez [g0d.org] .

The law assumes that an open network was left that way intentionally (or that the owner doesn't much care). That's a very cool thing. But nowhere does it say that you are absolved of responsibility for your actions when using the network. So industrial espionage and cracking other, secured servers is still as illegal as it would be if you were doing these things from any other system.

Re:Wait a second... (0)

Anonymous Coward | more than 11 years ago | (#5835497)

Just because the networks are not completely secure

Hold it right there. We aren't talking about weak security. We're only talking about open networks, the ones with no security at all.

The law has decent motivation, but it's basically saying "Go ahead and break into wireless networks, because if they're not completely secure, it's not your fault."

Not even close. Breaking into networks isn't allowed by this law. If you bybass any security you are breaking the law. This only applies to totally open networks. With this law, open networks are assumed to be intended for public use.

The best quote from the story that explains it is this:

"If (wireless network operators) want to be able to prosecute people for hacking into their wireless networks, they need to have done something to have secured the networks," said Mark Rasch, a former head of the Justice Department's computer crime unit.

They just have to do something to secure the network (WEP, MAC lists, etc). That's not too much to ask.

Motivation (2, Interesting)

jaaron (551839) | more than 11 years ago | (#5835507)

I think we have to look at motivation here. For example, I just found out that someone in my apartment complex is running an unsecured wireless network. How do I know? Well, I was setting up my wireless PDA and noticed I was connected before setting my WEP keys. Checked the IP's and, yep, most definitely wasn't my wireless network.

Now, harmlessing stumbling upon someone else's wireless network shouldn't be a crime. I think that's part of the point here. Maliciously using someone else's wireless network, though, that's another matter. I don't think there's much debate about that.

Which brings this all to an interesting point? What about the "ignorant"? If my neighbor has no clue that he is sharing his bandwidth with the whole apartment complex, then how is my using his network anything less than theft of services? (Not counting that his ISP probably forbids it in the TOS anyway). From what I can tell from this law, it's saying that "ignorance" is no excuse, if you leave your wireless network open then anyone can use it for non-malicious purposes.

Hmm. Maybe a nice idea, but it also sounds like if I don't put a fence around my yard, anyone can come in and have a picnic!

Re:Wait a second... (0)

Anonymous Coward | more than 11 years ago | (#5835519)

No moral issues whatsoever.

If an employee of a company goes on Public Access television and tells company secrets, why is it unethical for me to use my receiver (TV) and decode it?

Likewise, if they are beaming company secrets into my Zaurus, why can't I listen? I don't even *KNOW* ahead of time if the signal is from them or from my own company!! You can't *see* radio waves.

I liken this to a group talking in a public space very loud and not realize it. You might want to be polite and give them some space or not pay attention to the company secrets they are shouting at the top of their lungs, but the law should put the responsilibity on THEM.

(Even that's not a good example, because you can recognize people's voices or faces .. on WiFi unless you've memorized the MAC address you don't know exactly WHOSE "linksys" you've connected to...)

Shouldn't this be... (3, Funny)

carou (88501) | more than 11 years ago | (#5835201)

Shouldn't this article be on unwired.com?

Re:Shouldn't this be... (1)

bryanthompson (627923) | more than 11 years ago | (#5835523)

my last month's wired mag came bundled with an extra magazine called 'un wired' (still made by Wired) where they explained everything you can imagine about wireless networking. I thought it was pretty clever... :)

first post or slow-arse page updating? (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5835202)

that is the question

Live Free or DIE! (0, Offtopic)

tedgyz (515156) | more than 11 years ago | (#5835203)

Dammit!

Born 'n bred in Cow Hampshah.

Until recently, you could also drink and drive - that is, you could be sipping a beer while driving your car, as long as you were not legally drunk. Me? I prefer to get all my drinking done ahead of time so I don't spill my beer. :-b

Wow (4, Funny)

Snowspinner (627098) | more than 11 years ago | (#5835204)

The government passing reasonable digital rights legislation?

Come on, April Fool's was almost a month ago now.

war driving lessons (3, Informative)

ih8apple (607271) | more than 11 years ago | (#5835210)

war driving lessons [nwfusion.com]

In these uncertain times... (4, Funny)

fobbman (131816) | more than 11 years ago | (#5835212)

...it seems like you can apparently get most anything passed if you attach the word "War" to it. Even the theft of bandwidth.

Re:In these uncertain times... (0)

Anonymous Coward | more than 11 years ago | (#5835272)

I don't agree with your sentiment, but that was a clever post.

Re:In these uncertain times... (1)

flamingspinach (668085) | more than 11 years ago | (#5835292)

Nice one... ;)

Re:In these uncertain times... (0)

Anonymous Coward | more than 11 years ago | (#5835536)

... Even the theft of bandwidth.


If I put a water fountain out in the front of my building, could I then have passers-by who stopped to take a sip arrested for "theft of water?"

Of course not. Our society considers water fountains that are accesible from public places to be invitations to drink. There is no need for explicit permission from the person who is paying for the water, eve though your consumption is costing him/her money.

All that this law is saying is that wireless access is the same as water access. Anyone who makes it available in a public place is inviting the public to use it.

You don't want the public using your water/bandwidth? Lock it up. It's is simple enough. WEP is an ineffective technological measure to keep out trespassers, but it is a very effective KEEP OUT sign. (anyone who hacks a WEP protected access point is clearly trespassing and should be prosecuted (regardless of how easy it was to break the "lock"))

However, if I stumble across publically available water/bandwidth with no sign to indicate that it is off limits, I will feel that I have been invited to take a sip. (maybe eve a largish drink if I happen to be thirsty)

It isn't theft with water and it isn't theft with bandwidth.

NH? (1)

Frohboy (78614) | more than 11 years ago | (#5835213)

For those who can't immediately infer what geographical area (or for that matter even what country) is being referred to, the article more clearly explains that they are referring to the U.S. state of New Hampshire.

Re:NH? (0)

Anonymous Coward | more than 11 years ago | (#5835354)

Slow down cowboy! What is this "U.S."?

This Earth-centric attitude is very arrogant.

Re:NH? (1)

Kadagan AU (638260) | more than 11 years ago | (#5835491)

Yeah, that little speck on the map isn't just a potato chip crumb, it's New Hampshire dammit!! The best little state that I've ever had the pleasure of living in.

Love living in NH (0)

AlabamaMike (657318) | more than 11 years ago | (#5835215)

First off we have no state income tax (*applause*), and now this ... how nice it is to live in NH. Thank you Gen. John Stark for setting the tone years ago. It truly is Live Free or Die.

-AlabamaMike (who now lives in Manchester)

good. security can gain some awareness then. (3, Insightful)

phippy (176682) | more than 11 years ago | (#5835224)

if it hasn't already, the ability for wireless access point and card manufacturers can further harden (at least within the 802.11x spec) their default configs.

a law like this can't do any harm, besides the harm that has been done (or is happening) already. it sounds like to me that this is a good thing. raising awareness around network security is always a good thing.

*well, except when it fosters more fear than actual security

That's a good law, but.... (4, Interesting)

b.foster (543648) | more than 11 years ago | (#5835231)

How many people have actually been prosecuted for using an open wireless network without authorization?

And how many of those people (if any) were malicious hackers?

Why don't our legislators spend their time protecting innocent people (Skylarov, Felten, Serebryany, etc.) from laws like the DMCA that have been abused, instead of saying "hey, it's legal to wardrive, which nobody has ever been maliciously prosecuted for"?

Re:That's a good law, but.... (2, Insightful)

gurps_npc (621217) | more than 11 years ago | (#5835431)

Because there are already constituents that LIKE being able to malicoulsy prosecute for DMCA violations.

I APPLAUD them for solving the problem BEFORE it becomes important, and thereby stopping our enemies before they become strong enough to attack our freedoms.

Re:That's a good law, but.... (0, Troll)

Kadagan AU (638260) | more than 11 years ago | (#5835538)

Why don't our legislators spend their time protecting innocent people (Skylarov, Felten, Serebryany, etc.) from laws like the DMCA that have been abused, instead of saying "hey, it's legal to wardrive, which nobody has ever been maliciously prosecuted for"?

Well, our legislators doesn't apply unless you live in New Hampshire, since it's just a state law. Also, was the state of New Hampshire prosecuting Skylarov, Felten, or Serebryany? I don't believe so. Don't say they should be fixing things when they're things they have little to no control over. Think before you talk.

This is great but.. (0, Troll)

aiyo (653781) | more than 11 years ago | (#5835234)

Who would want to visit New Hampshire? Ughhh

dumb technincal questions (1)

kisrael (134664) | more than 11 years ago | (#5835236)

I've set up a little Wireless LAN at home, wifey's laptop plus the PS2, Linksys, and it seems like I have to put in the an identifier for the...workgroup? Something, I forget the technical word, but I changed it from the default "Linksys" to something specific to my house...and I had to make sure everything that was connecting to the Router used the same ID.

So, setting aside that there are probably tons of home Wifi installs that still use "Linksys", and assuming lots of people don't use the encryption that requires a true password, how does wardriving work? Does it "wardial" the ID, or is my network broadcasting the ID to use? (I guess the latter is more likely)

And if I'm NOT using the password, is everything my wife is doing on her laptop being sent in the clear to the nearby neighbood?

Re:dumb technincal questions (2, Informative)

Aliencow (653119) | more than 11 years ago | (#5835316)

The SSID is no protection, because you can use "any" as the ssid and you will get on most non-encrypted WiFi networks. And you'd be surprised at the amount of them not protected (around 75% in my area)

Re:dumb technincal questions (0)

Anonymous Coward | more than 11 years ago | (#5835337)

Access Points send beacon packets which contain MAC addresses and AP ID information.
You can see these packets, and if you enable promiscuous mode on the WLAN card you can observed traffic from other network users. Some traffic might be encrypted, but the headers are still visable and WEP can be broken by looking for packets with vunerable IV (initialization vectors).

Re:dumb technincal questions (3, Informative)

neuph (591436) | more than 11 years ago | (#5835391)

Answers:
  • The identifier you are referring to is the SSID (Service Set Identifier).
  • wardriving programs operate by putting the wlan card into promiscuous mode and sniffing all the wireless traffic passing through the air. I beleive that they also send out probes for SSIDs.
  • If you are not using WEP (Wired Equivalent Privacy), then everything transmitted is cleartext. However, WEP has been proven insecure, and should not be relied on for any sensitive data.
And yes, there are alot of Linksys default SSIDs out there.

Kismet [kismetwireless.net] - Wardriving application for Linux
Airsnort [shmoo.com] - On-the-fly WEP cracking for Linux

Re:dumb technincal questions (0)

Anonymous Coward | more than 11 years ago | (#5835434)

well as the poster above mentioned it sends out beacons several times a second that announce the access point. Sometimes this can be turned off (I don't think on Linksys).

I do this for a living and I recommend to ANYBODY (even if you think nobody has an interest in you or your network) that they :

1) change the ID to something that has NOTHING to do with their family or business. Don't name it "3rd floor BankCorp" or "Smith Family Room" ... name it "Access Point 15" or "NO TRESSPASSING".

2) ALWAYS turn on WEP passwords .. even if it is weak and can be cracked, it is an indication to passers-by that you want the network private.

And yes, everything your wife is doing can be passively watched from anyone in range. Somebody doesn't even have to "do" anything except turn on their receiver and start listening. I don't know about you but that would creep me out enough to turn on the password.

Re:dumb technincal questions (2, Informative)

lactose99 (71132) | more than 11 years ago | (#5835469)

Unless you specifically disable it on the Linksys, your SSID (which you mention was "Linksys") is broadcasted. Anyone with a wireless card and the right software (which WinXP includes) can see the SSID of your home WiFi LAN. The Linksys also has 2 options for WEP encryption, disabled or manditory (at least for the version 2 WiFi Access Point, which I use). If its disabled, then all traffic sent across your WiFi LAN is plain-text, in the clear (unless you are using some encrypted protocols above the WiFi layer like IPSec, SSH, or https for web pages). If its manditory, then all users who connect to your WiFi LAN must provide the correct WEP key to connect to or see traffic on your network.

Even though WEP has been proven to be somewhat insecure (without weak iv filtering, you can break WEP by collecting only a few thousand packets), it is strongly reccomended that you enable it on your WiFi LAN. I also suggest enabling the MAC filtering option on your Linksys access point, as this will only allow registered MAC addresses to communicate with your access point-- the access point just ignores all traffic that isn't coming from the MAC addresses you allow. This is not an end-all security solution by any means, but it does help to deter the causual onlooker who might want to snoop some of your traffic. Of course, any accomplished cracker may very well try to crack your WEP key, but you can get around that by putting your WiFi LAN on an "unsecured" network segment and limiting access to/from the WiFi segment. You can also use things like SSH tunnels and IPSec to further restrict communication over your WiFi LAN.

All in all, much of the above is overkill if you are just using WiFi around the house, but I stand by my point that everyone who doesn't want to provide public WiFi should use both WEP and MAC filtering on their equiptment, as just about every WiFi APs offer these features, and they take (at most) 15 minutes to setup properly.

Legal ? (1)

Aliencow (653119) | more than 11 years ago | (#5835239)

I don't really see how wardriving itself could be illegal or legal, I mean, it's unethical to sniff the airwaves, but 2.4ghz is public. On the other hand, accessing the network without express permission is illegal, wireless or wired. Same goes for WEP... Breaking WEP is definitely illegal as someone is trying to protect their data and you have to break their security to read it.. Wardriving being illegal would mean that me walking with my laptop turned on downtown is illegal..

Re:Legal ? (2, Insightful)

cybermace5 (446439) | more than 11 years ago | (#5835501)

It's illegal to listen in on cell phone conversations. It's also illegal to sell or manufacture a device capable of intercepting cell phone conversations.

However it's not illegal to own or modify a device in order to receive cell bands...unless you actually use it. Makes sense doesn't it?

There are so many grey areas and conflicting legislation, it's going to be a very long time before all this is sorted out.

Marconi never knew what he was getting us into.

You mean... (4, Funny)

Faust7 (314817) | more than 11 years ago | (#5835241)

"That was your network I had Kazaa, WinMX, and Grokster running full-steam 24/7 on? I had no idea, honest. Hey, OW."

Java, Python, C++, Perl sucks. (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5835243)

Only use brainfuck assembly lanuage.

Isn't this explicitly mentioned on the equipment? (4, Interesting)

eGabriel (5707) | more than 11 years ago | (#5835249)

I don't recall the wording, but doesn't most of this equipment carry a message from the FCC that says that the device must accept any interference from other devices?

Maybe it's a bit backward, but I think that can justify your having picked up the signal; you were just accepting interference...

Re:Isn't this explicitly mentioned on the equipmen (0)

Anonymous Coward | more than 11 years ago | (#5835454)

well it's an unlicensed band, so the FCC could care less one way or the other... other parts of the legal system might come into play but in terms of FCC they don't care much about unlicensed band if you are within the power requirements

Comcast's view (1)

esanbock (513790) | more than 11 years ago | (#5835250)

It won't surprise me if Comcrap starts port blocking to prevent "spamming" from open wirless acess points. Basically, turn their network into a port 80 output-only network slightly more sophisticated than a television.

What about at the state line... (3, Insightful)

jetsaredim (569308) | more than 11 years ago | (#5835267)

The area alone the border between MA and NH is quite built up with tech firms (HP, Oracle, RedHat, etc...) - wonder if they'll be cracking down on their wireless networks? Also, what happens to someone in NH who grabs some bandwidth from MA or vice-versa?

A good way around this... (-1, Troll)

Anonymous Coward | more than 11 years ago | (#5835271)

I found a good way around this recently. It's pretty well-documented at this [cheats4us.org] site. Very interesting.

Won't this just encourage more SPAM? (4, Insightful)

ewanrg (446949) | more than 11 years ago | (#5835280)

I'm all for having reasonable laws for reasonable people. And this one seems to have it's heart in the right place.

However, if you have the ability to use someone's network "accidentally" how do you distinguish someone who is using a lot of bandwidth for an innocuous reason from someone using a little bandwidth for a protective screen? I seem to recall reading an article about SPAMmers using open links to anonymously go through SMTP sites to further propogate their "stuff"...

And if the company is running Windows and has shared network resources, where does my 100 page accidental printing land on the scale of things?

I agree that you don't want to arrest someone for browsing through "linkedsys" when they meant "linksys" (or picking up the wrong "linksys" which is probably even more likely). But I'm not sure this is the answer.

FWIW,
Ewan

Re:Won't this just encourage more SPAM? (2, Insightful)

gurps_npc (621217) | more than 11 years ago | (#5835462)

If the network people have those concerns, then they have the responsibility to PROTECT their system against it.

All this laws does is say: "If you leave your doors wide open, you have no right to complain if some someone comes into your house to get out of the rain."

The law does not in any way make it legal for you to spam/print from their network, just as the above statement would not let people take stuff out of your house just because you left your door open.

Road rage (1)

sporty (27564) | more than 11 years ago | (#5835305)

What about road rage? :)

Wardriving (1)

docstrange (161931) | more than 11 years ago | (#5835307)

I do a bit of wardriving myself.

I think that if anything, the biggest kicks I get out of wardriving is generating maps [crackrock.org] of my results.

(I do like plugging my map - shameless self promotion I guess)

While I never connect to networks, it would be nice to know that if I ever did need to access one that I wouldn't have to worry about going to jail over it. Props to the government on this one.

laws to allow? (0)

Anonymous Coward | more than 11 years ago | (#5835360)

when did laws start allowing you do something? Laws are generated to stop things from happeneing, such as driving over 55 (or insert designated speed limit here), or stop you from killing, raping, putting babies heads on spikes, etc. I cannot think of any law that says it is ok to do something. Therefore i believe this to be fud, a bunch a whohaa, someone is giggeling themsleves silly right now for pulling on over on /.

War Driving != "innocent stumbling upon" (1)

Kenja (541830) | more than 11 years ago | (#5835367)

If you are driving around LOOKING for wireless networks with poor security to exploit that is not the innocent stumbling upon open wireless networks.

I love my NH (4, Insightful)

Tevye (551399) | more than 11 years ago | (#5835395)

A others have mentioned, NH is a nice place to live. No state income tax, no sales tax.. It is a nice place to be.

I'm seeing a lot of "the idea is good but...", but I do think it's a good idea. I read the analogy of walking into someone's house if it's unlocked and taking their food, etc, but I don't think that's the right analogy.

A better one, (which also applies in NH) is that if you're hunting in the woods, you can't be prosecuted for trespassing unless it posted "No Trespassing" or the owner comes along and tells you to leave. This keeps people who are in the woods and might not have a convenient parcel map from the town from being prosecuted because they wandered into an adjacent lot. Do note that this is not the same as walking into land that is expected to be private, i.e. a house or an office building (during non-business hours).

Just my input.
Live Free Or Die.

Re:I love my NH (1)

MisterMook (634297) | more than 11 years ago | (#5835541)

Of course the same logic allows the government to set precedent for sniffing out unsecure networks just about everywhere, since it leaves the burden onto the owner. How secure is secure "enough" when its possibly your privacy that's concerned? While it may make a certain sense that "if you're not encrypted, you're wide open", I'd rather not set any sort of legal justification for the government to start data mining ANY sort of private network. This might not be the case here, but attaching a legalism to the whole issue might lead to broader implications.

war-driving innocent? (1)

emgeemg (182902) | more than 11 years ago | (#5835422)

...that would legalize the innocent stumbling upon open wireless networks...

Having not read the article and freely admiting that I could care less about the legality of war-driving (personally I find the concept of going war-driving to be rather pathetic), I have to question the title of this article. I would not define driving around actively seeking open wireless networks and connecting to them as "innocently stumbling upon" them. Guess that's just me.

This doesn't legalise War Dialing... (-1, Troll)

Anonymous Coward | more than 11 years ago | (#5835424)

This law only takes the burdon of guilt away from an accidental connect. Purposly stealing bandwith by a malicious criminal malcontent like the poster is still illegal.

Hehe, malicious criminal malcontent, that has a nice ring to it. I just had to say it.

Anonymous Coward CRySyS

DHCP expresses permission (5, Insightful)

yack0 (2832) | more than 11 years ago | (#5835425)

I'll summarize it again as I have in other forums.

- My laptop sees a signal and requests access to the network by asking for a DHCP address.
- Access point sees my request and GRANTS me a lease on an IP address with which I can access their network
- I surf using the network
- I leave.

I asked, they said YES. They could have easily denied me, but they invited me into the network when I asked if I could. There are SO MANY different ways to keep people out, that owners of AP's just have to do something to secure themselves. Shame on them if they fail to do that.

Guiness (1)

limekiller4 (451497) | more than 11 years ago | (#5835430)

Little-known fact: Manchester, New Hampshire, has the distinction of owning the longest street in the world that is capped at both ends by dead-ends. Main St. So sayeth Guiness. No joke.

A lot of people immediately ask "well how the hell do you get on or off of it then?" It has streets coming off it, but both ends are dead-ends.

How is that for a useless bit of info?

Re:Guiness (0)

djhertz (322457) | more than 11 years ago | (#5835506)

Main Street? I thought it was Elm street in NH. All the 'kids' used to cruise up and down Elm for that reason I thought.

Amazing (1)

WindBourne (631190) | more than 11 years ago | (#5835441)

A state that believes that ppl should be responsible for their own actions. I though that it went out of fashion over the last 23 year.

A law that makes sense?! (1)

Anita Coney (648748) | more than 11 years ago | (#5835442)

How long will it be until it's overturned?

What is NH? (0)

Anonymous Coward | more than 11 years ago | (#5835453)

This story talks about this place, but I've never heard about it before. Would somebody care to clear this up?

Easy solution... (1)

Paddyish (612430) | more than 11 years ago | (#5835468)

Classify war drivers as enemy combatants!

Only applies to really open networks (4, Insightful)

iabervon (1971) | more than 11 years ago | (#5835470)

It seems to me that this change essentially says that any network which isn't secured in any way is to be considered a public network; that is, if you find a network not using WEP or anything, you should assume that it was intentionally left open as a public resource (like people have started doing). I doubt that the defense provided for this behavior would apply to a network using even a small WEP key, though. Even if you sniff the key, it seems unlikely that you could then claim that the network's owner meant you to have the key. So, while people do have to secure their networks, they don't have to secure them particularly effectively; just well enough to block your defense.

What this law means is that, if you don't want people to use your wireless network, you have to use some sort of technological measure to let them know to stay out. This makes a lot of sense, because there's no way to find out that someone does want you to use their network.

Reasonable security measures (3, Informative)

SCHecklerX (229973) | more than 11 years ago | (#5835484)

These will ensure that casual passers-by do not 'break in' to your network. It also makes it so that someone who does want to break in, has to do so much work to do so that it simply isn't worth their time:
  1. Of course, use a vpn client and gateway, if feasible. This is probably more trouble than it is worth for your home network, but should be standard practice at a corporate network.
  2. Just because you are using IPSec, don't think that WEP is useless. Use it! It is a deterrent, and also a strong signal to an intruder that no, this is NOT a public node.
  3. Enable WEP. 128 bit if possible.
  4. Disable broadcast of SSID. This pretty much kills the windoze stumbler, but kismet will still note that you are there, and will remember the SSID if you had broadcasted it in the past.
  5. Use a non-dictionary, non-identifying word for your SSID. Most places I've stumbled, you'd be amazed at the number of SSID's that are street names, addresses, building names, business names, etc.
  6. Use HEX wep keys, not ascii, and ensure that they are truly random.
  7. Mac filtering, if using the above, is pretty much useless. It is good, however, for keeping your own employees, who might know a WEP key and SSID, off of the network until you have time to change the parameters. A real attacker will simply sniff for a good MAC address, and then use it.
  8. If in a corporate environment and using a multiuser OS for your end users, don't give them the ability to see/modify their wireless settings.
  9. If possible, cycle your WEP keys. This is probably the biggest problem with WEP, the inability to centrally manage keys or have them automatically change over time.

Stumbling v. Intruding (1)

TrollBridge (550878) | more than 11 years ago | (#5835529)

"A big article on Wired.com talks about the new House Bill 495 that would legalize the innocent stumbling upon open wireless networks."

What about deliberate and intentional intrusions? I can understand how people can accidentally connect to a different network than they intended, but wardriving doesn't even come close.

In Other News... (1)

moehoward (668736) | more than 11 years ago | (#5835534)

N.H. also legalized taking cars for a joy ride if the cars are left running in a convenient store parking lot. Give me a frickin' break... The BEST thing for gov't to do was to do NOTHING and let the courts sort it out on a case by case basis. It's like nerds are now a protected class. Please mod as flaimbait. tia.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...