UK Police Cracking Down on Broadband Theft

dubculture writes "A 39 year-old man in West London was arrested for dishonestly obtaining free internet access" from an unsecured wireless router nearby. The article discusses a couple of other cases, including one where a fine of £500 (~US$1000) was handed out for, essentially, taking advantage of someone else's inability (read: apathy) towards securing their home network."

No problem

[lukesky321]

I have an unsecure network, and I really don't care if anyone uses it as long as nothing illegal is performed.

Re:

[Kickstart70]

You are assuming common sense in the halls of justice. Once the cop finds someone using an access point, how is that cop going to find out who owns the unsecured router based on the advertised name ("LINKSYS")?

Re:No problem

[absoluteflatness]

Which is obviously why these charges must be based on some kind of complaint or cooperation from the owner of the access point. There's really no way for the police to tell you're doing anything wrong if you're just on a wireless connection of some kind.

That being said, the owner of the access point is entirely within their rights to both improperly secure it, and to attempt to pursue those who improperly use it. The analogy of the home with the door left open applies somewhat well here.

Re:No problem

[iamacat]

The intention of access point owner must be known to the user ahead of time. If the network is completely unsecured, it should be assumed that it's public access. If it is secured, however improperly - 40 bit WEP password of "welcome", mac check, hidden network id - access is illegal without explicit consent of the owner. If you build a water fountain standing in the open, don't be surprised if people drink.

Re:

[absoluteflatness]

I had just thought of this caveat after I had posted. The subtleties of "stealing" wireless access, would, in my mind, require the owner to somehow make the user aware that their use was not acceptable before any charges could be brought.

Of course, this case, where a man was standing by the wall of a house and admitted to being there for the express purpose of using the owner's broadband, is somewhat less defensible than most. There is the frequent point that reading by the light through someone's wind

Re:No problem

[YrWrstNtmr]

The subtleties of "stealing" wireless access, would, in my mind, require the owner to somehow make the user aware that their use was not acceptable before any charges could be brought.

I would think it should be the other way around. Do not use unless you know for sure that you are allowed. An SSID of "UseThisWiFi" or similar.
A bicycle unattended in my front yard is not express permission for you to take it. A sign that says "Free bike" is.

It's not yours to use without express permission.

Re:No problem

[BillyBlaze]

Other than the bicycle analogy, why should we assume the default state is "I don't want you using my WiFi"?

If we must use analogies, let's keep it in the realm of computers. Running an open WiFi is like running a public web server - even if the url isn't use-this-webserver.example.com, we still assume you intend for people to connect to it. In other words, there's nothing magical about express permission - there are lots of things you can do by convention. Since this is a new legal area, we have a choice which convention to choose.

Besides that argument, there are other advantages to assuming it's open unless secured. You're less likely to be arrested just for hanging around somewhere with your laptop. We don't have to waste public funds arresting you unless the owner complains. And we all get more free WiFi.

Re:

[julesh]

Other than the bicycle analogy, why should we assume the default state is "I don't want you using my WiFi"?

Because that's the assumption that causes the least harm.
Because that's the assumption that's correct in a large majority of cases.

It's quite easy, really.

Re:No problem

[BillyBlaze]

Well, you obviously shouldn't use as much bandwidth (or water) as possible. But if you just need a drink, or to check your email, it's not a big deal. How do we determine how much is too much? Instead of arresting everybody seen with a laptop, we could wait for the owner to complain? Heck, the owner could just ask the leech to lay off, or secure his network, and we don't have to get the police involved at all. Much cheaper, plus we don't have to worry about our computers automatically making us criminals.

And it's been said before, but - the leech did ask first, and permission was granted. I haven't seen a convincing argument why automated electronic permission, given as configured by the network owner, in the absence of any information to the contrary, is insufficient.

Re:No problem

[FireFury03]

I have a water tap in my front yard... should you assume that, without asking, you have a right to plug a hose up to it and use as much water as possible?

If you have a sprinkler in your front garden, and it's over-spraying onto my garden, should I be arrested for "stealing" your water?

Re:

[Kijori]

But this isn't like that - no one is forcing you to use the bandwidth. Using someone else's wireless access is a choice, you don't suddenly get drenched by it if you walk into range. To use your analogy, the water isn't going into your garden, you're catching it by leaning over the fence.

Re:

[wordsnyc]

You have a power socket mounted in a housing at the edge of your front yard that you use for your xmas displays. OK if I plug my AC into it?

Re:No problem

[SL Baur]

A bicycle unattended in my front yard is not express permission for you to take it.

I left an unlocked bicycle unattended in my front yard in Tokyo for over two years hoping someone needy would take it (I lived near a woman's university and I truly didn't understand Tokyo at the time) but no one did. It's Japan, so the bicycle is probably still sitting there unlocked even though I moved away 4 1/2 years ago. Not enough other dang gaijin in that neighborhood I suppose. (Bicycle theft is epidemic in places like Tsukuba where there are a higher percentage of foreigners).

Japan is the place where you can buy a bag of CDs, accidentally leave them in a nearby ATM and then later pick them up from the nearest koban where someone dropped them off after they saw you left it behind. I didn't do that, but I witnessed it. Can you imagine the same kind of thing happening in the US? I can't, I'm a native american.

A coworker in Japan was telling me about the time she visited New York with her husband and after buying some things went to a restaurant, left her bags at the table and went away for a moment. In Japan, Nothing Happens when you do things like that, but that was New York and the bags were stolen.

On another occasion when I was living in Tokyo, but working in Kobe (about 5 hours by train after you factor in the local trains) I accidentally left my apartment unlocked for an entire week unattended. Nothing Happened.

The US isn't civilized and hasn't been for a long time. If you look away, you should have the expectation that whatever it was you're not looking at will disappear, because it will. And no, I'm not happy about saying this. I used to love living in California and the USA. It wasn't so many years ago that it used to be safe to leave a car with the keys inside (remember the "lock your car, take your keys" ad campaign?).

So yes, I admire your sentiments, but anywhere outside of the best places in Japan, I've never seen them in practice. I've never been to the UK, but I presume they have worse problems than the US given all the surveillance cameras they've felt the need to install in recent years.

Re:No problem

[PeeAitchPee]

The US isn't civilized and hasn't been for a long time. If you look away, you should have the expectation that whatever it was you're not looking at will disappear, because it will.

Well, perhaps New York / LA / DC / etc. (name your inner city of choice) aren't "civilized," if that's your pet definition, but just about everywhere outside of the 'hood is. Here in suburban MD, only about 10 miles north of inner city Baltimore (one of the most violent inner cities in the world), we can leave our doors unlocked and can sleep with first floor windows open at night without fear of being slaughtered in our sleep. People generally know how to treat each other decently around here despite what goes on downtown. You certainly should not generalize the entire population of a country because those in its inner cities have a perchant for committing crimes.

I'd also wager that there are parts of Japan where you'd have experienced the disappearing bags phenomenon, or worse. Japan is not some mystical fairy land of do-gooders -- quit kidding yourself. Seoul, South Korea is the only place I've ever seen a homeless, legless amputee literally dragging himself along in a public market, begging for help, while people completely passed him by as if he didn't exist.

Re:No problem

[FireFury03]

Do not use unless you know for sure that you are allowed. An SSID of "UseThisWiFi" or similar.

It's not always clear what is public or not without explicit knowledge of what SSIDs the public access providers use.

Lets take an example. You come across an access point called "MyCloud" - there is nothing in that name that tells you it's a public access point if you didn't already know that the hotspot provider called "The Cloud" happened to exist and use "MyCloud" as their SSID.

Another example. You're at an airport and you find an open access point called "AirportWIFI", or you're at a pub and find "PubWIFI" - are you to assume that these are intentionally open for the use of the airport or pub patrons, or are they private networks that have been accidentally left open.

Another example. BT runs 802.11 hotspots, but they also provide 802.11 equipment to people subscribing to BT's ADSL connections. You find an open access point called "BT Voyager" - are you to assume that it's one of their hotspots or a private access point that's been misconfigured?

The fact is that there is no way to tell the difference between a public free hotspot and a misconfigured private access point. It seems to me that if an access point advertises itself as an open AP, and when you conntect it leases you an IP address and then gives you unrestricted access to the internet then you should be well within your rights to assume it's a public hotspot since there is no way to tell any different. On the other hand, if someone has made some attempt to secure it, even if it's just hiding the SSID, you should assume it's not intended for public use and leave it alone.

Not only that, but if your home access point is called "Linksys" then your laptop will probably quite happilly associate with any other open access point with the SSID of "Linksys" even if you don't ask it to.

Re:

[The Evil Couch]

A slight modification to the bike analogy makes it valid.

He has several bikes in his yard. If he's the only one other one using a bike at the time, you're not causing any noticable interference. However, by using any of them, you're depriving him the ability to have a family outing with his wife and kids on the other bikes. He might not do it all the time, but you're preventing him from having the option available to him.

"Dishonestly obtaining free internet access..." ?

[Jeremy_Bee]

Given the circumstances of the arrest and the description of the law, there is no way this is (or should be considered) an illegal act.

If the fellow was wealthy enough to this to a high court, or possibly the European court, they would win hands down and the law would be struck off the books. As an English person myself I can tell you that the UK has a strong propensity for these kinds of knee-jerk fascist laws that often stay on the books for years both because of the tendency of the average Brit to knuckle under to the cops and because rich people are rarely charged with such offences.

The law (as described in the article), says that "Dishonestly obtaining free internet access..." was the crime. Yet it's a long established legal principle that merely adding the word "dishonest" in front of something does not actually make it a crime. You can't just say that driving a car is alright but "dishonestly driving a car" is a crime. This is patent nonsense.

The crime should be correctly defined as "stealing broadband access," and stealing requires both knowledge of wrong-doing and an intent to deprive the victim at a bare minimum.

There is no deprivation here, and nothing has been lost. The man in question seemed to have no way of knowing that the owner of the broadband connection did not want people to access it. Some people have wireless and leave it open on purpose. I know at least four of my neighbors do this.

To top it all off, when the police saw him sitting on the wall and asked him what he was doing, he freely admitted it and apparently didn't see anything wrong with the practice. A good argument could be made that he was "Honestly obtaining free internet access" and not being dishonest at all.

Unless there are facts not in evidence in this story, like the broadband being secured with a password, there simply is no crime here at all. Unfortunately the way the justice system is both in the UK and in North America, this unjust, ridiculous law will hang around bothering people for ages before someone with enough political power or money decides they are tired of it.

Re:"Dishonestly obtaining free internet access..."

[janrinok]

The crime should be correctly defined as "stealing broadband access," and stealing requires both knowledge of wrong-doing and an intent to deprive the victim at a bare minimum. There is no deprivation here, and nothing has been lost. The man in question seemed to have no way of knowing that the owner of the broadband connection did not want people to access it.

I am also British but I do not agree with your analysis. Firstly, because "Dishonestly obtaining free internet access is an offence under the Communications Act 2003 and a potential breach of the Computer Misuse Act." The offence is specifically stated in the law as it is currently written, although not using that particular phrase. The use of the word 'dishonest' does not make a law valid, but it is the correct usage to indicate that a crime is believed to have been committed when the charge is being written. After all and as you have pointed out, without the word dishonest then it appears that there has been no crime. Unfortunately, TFA has not used the specific wording from the act but has quoted what the individual has been charged with. The case could, I suppose, fail on this technicality but I suspect that the judge will accept it. Secondly, any unauthorised use of someone's computer equipment, which includes a network, is covered by the Computer Misuse Act. If the owner has not given specific permission as required by this Act, then an offence has been committed. Of course, we will not know until the court case is heard whether the owner had given such permission but the accused did admit to "using the owner's unsecured wireless internet connection without permission" so it looks quite likely that the Act was contravened. Thirdly, if the ISP account allows x Mbs to be downloaded and this individual was downloading y Mbs, then deprivation of that bandwidth did take place. Whether the owner would have noticed it is not relevant in law. Just because you are not driving your car at any particular time does not give me the authority to drive it. Furthermore, if the account was capped, then the legal user of the network has also been deprived of a specific amount of data that now cannot be downloaded during the relevant download period. Fourthly, you might leave your network open and free to all users but, unless you have advertised it as such, then no-one can use your network without your 'specific permission'. That is why airports have the signs announcing that a wifi is available. It is the legal authority for others to use it. Simply leaving it unsecured does not fulfil this requirement as far as I understand it. The law in the UK, rightly or wrongly, does not accept that an open network implicitly grants permission for anyone to use it. You might like it to be so but it is not currently what the law believes to be a correct interpretation of the appropriate Acts. The police have reasonable grounds for suspicion that the law has been contravened and have thus acted appropriately.

Despite my analysis, the judge may decide that there is insufficient evidence here to prove guilt beyond all reasonable doubt or there may be, as you have already acknowledged, further facts that have not been included in TFA. We will all have to wait to see whether the judge or CPS (although I do not think that they will be asked for a judgement in this case) thinks that the police acted correctly and whether the case leads anywhere. Regardless, the outcome could well clear up any misunderstandings that might currently exist as to what it, and what is not, permitted by law in UK with regard to unsecured networks.

Finally, I do not agree that this is an 'unjust' law - but IANAL. It addresses a specific problem, in fact a series of problems, and I personally support it. The title of TFA is, in the usual Slashdot fashion, a gross exaggeration of the truth - a single person has been charged, there is hardly a 'crackdown' on broadband theft.

Re:"Dishonestly obtaining free internet access..."

[ManxStef]

If anyone's interested, here's the relevant section of the Communications Act 2003 [opsi.gov.uk]:

• 125 Dishonestly obtaining electronic communications services
  • (1)
    A person who--
    • (a) dishonestly obtains an electronic communications service, and
    • (b)does so with intent to avoid payment of a charge applicable to the provision of that service,
    is guilty of an offence.
  • (2)
    It is not an offence under this section to obtain a service mentioned in section 297(1) of the Copyright, Designs and Patents Act 1988 (c. 48) (dishonestly obtaining a broadcasting or cable programme service provided from a place in the UK).
  • (3)
    A person guilty of an offence under this section shall be liable--
    • (a) on summary conviction, to imprisonment for a term not exceeding six months or to a fine not exceeding the statutory maximum, or to both;
    • (b) on conviction on indictment, to imprisonment for a term not exceeding five years or to a fine, or to both.

Here's the relevant section of the Computer Misuse Act 1990 [opsi.gov.uk]:

• 1 Unauthorised access to computer material
  • (1)
    A person is guilty of an offence if--
    • (a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
    • (b) the access he intends to secure is unauthorised; and
    • (c) he knows at the time when he causes the computer to perform the function that that is the case.
  • (2)
    The intent a person has to have to commit an offence under this section need not be directed at--
    • (a) any particular program or data;
    • (b) a program or data of any particular kind; or
    • (c) a program or data held in any particular computer.
  • (3)
    A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.

Re:

[richie2000]

You have a tap in your front yard, mind if I use it to water my plants next door?

No, of course I don't mind. Just put the hose back when you're done, 'kay?

You do? Well, same principle here.

What the hell is wrong with you people? Weren't you allowed to use any of the toys at kindergarten and this petty selfishness is your way to get back at the world? Do you hate your neighbours because they have nicer plants than you do?

Re:

[richie2000]

Tell me you wouldn't have any issue with some guy popping over, plugging his hose into your tap and using your water supply for a few days without asking?

No problem at all. As I intimated, he's even free to use my hose as long as he puts it back. Here, I'll give you a pointer: Free water [google.com]. There are two taps; one on the front of the garage and one on the back patio. There are 10m hoses attached to both, with standard connectors so you can add your hose if you need an extension. In addition, the WiFi is open with a SSID of "Orrviken"; it's a full duplex 10mbps fiber. Also, there are standard 240V outlets on the greenhouse, back patio and, of course, the fron

Re:No problem

[irc.goatse.cx troll]

If those two had anything to do with eachother, maybe. until then lets stick to the actual facts instead of trying to apply something simple that anyone on slashdot should already understand to something 'more basic' that just complicates things.

It's an open AP. Theres plenty of them ran by people like me who wish to share their internet access to those nearby who need to bum a quick connection.

You using my open AP doesn't "steal" anything from me. Most of my bandwidth goes unused anyways, and if I wanted to use it QoS gives it to me when I need it. Admittedly most standard routers arnt configured that way, but most standard users dont care.

Really the question is how is this guy supposed to know that the Open access point ISN'T for public use? Theres nothing indicating that. SSID isn't something private sounding (probably 'linksys'), theres no password, no encryption, no mac limitation, no vpn forcing routing.. NOTHING to indicate that it isnt for public use.

Too complicated for you? Heres a worthless analogy that at least applies. It's like if I was at your business in the lobby and grabbed the phone you had in the waiting room and made a call. Maybe it was for employees/customers only, maybe it wasnt, no sign was around to tell me one way or the other and when I picked it up it worked without any hassle.

Re:No problem

[LarsG]

I know people like the 'open door' analogy, but let's see what's really happening here.

Laptop: Hey, can I connect to you?
Access Point: Sure.
Laptop: Can I get an IP address, too?
Access Point: Sure.

That's more the equivalent of having a guard at your door saying 'please come in' to anyone passing by.

Unless AP answers no to those requests, how is Laptop to know that it is unauthorized? Heck, Windows will even autoconnect to an open AP; should we sue MS for aiding and abetting?

It should be the AP owners responsibility to set up the AP so that connecting to it requires authorization.

just because someone doesn't know about such things, doesn't mean it's morally right to use up their internet quota.

That's more an issue of AP manufacturers not properly edumacating their customers. The first page in the manual should explain this and the first screen in the setup wizard should include a 'allow anyone access yes/no'.

Re:No problem

[SnowZero]

The analogy of the home with the door left open applies somewhat well here.

Well, IMO it's more like peeing in a working toilet that someone installed on their front lawn.

Don't get me wrong; I don't think its right to to steal wireless bandwidth against an owner's wishes, but any punishment more severe than a fine is going too far. You don't get arrested for parking illegally (well, as long as you pay your tickets), and this should be much the same way. Using someone's bandwidth (so that they can't) is a lot like parking where you partially block their driveway.

You make an excellent point that a citation should only occur when an owner complains. Unfortunately I'm not sure that standard is being met in these recent cases.

Re:

[larry bagina]

I've peed on many a front lawn. Never seen one with a toilet, though.

Unsecured AP ~= Open AP

[jmorris42]

> That being said, the owner of the access point is entirely within their rights to both improperly
> secure it, and to attempt to pursue those who improperly use it. The analogy of the home with the
> door left open applies somewhat well here.

No. If I go into your house it is reasonable to assume that I know I'm doing something wrong. But if I light up my laptop and use the first available signal it really isn't the same thing. Perhaps if the access point vendors added a splash page option for every new association so the rules of access could be displayed, but at that point why not just make them stop broadcasting an ESSID by default. When a laptop or PDA can associate by default with no intervention it is really hard to say the user should divine the state of mind of the owner of the AP. An unsecured access point is indistinguisable from an OPEN access point.

I have used 'available' WiFi before and don't consider myself a thief. My Thinkpad+Cisco350 just refused to associate to my brother's D-Link AP, instead jumping on one of his neighbor's AP regardless how I tried telling it NOT to do that. So I finally said screw it, it's only a 2Mbps link but I can check my mail and read slashdot. By the same token I have told my neighbors I don't care if they connect to mine, that if I ever cared they wouldn't see it anymore. I do know HOW to secure an AP, I choose not to. (I loaded HyperWRT-Thibor14 on it. I can certainly click the button to supress broadcasting the ESSID or enable one of the real security options.) If we all lightened up a bit we could have WiFi signal darned near everywhere.

That said, if some idiot started leaching GBs of bandwidth running BT on my DSL line I'd block em. But my default is to share a resource I have in relative abundance. I don't keep a BT client going 24/7 so most of the time my circuit is idle.

Re:Unsecured AP ~= Open AP

[spoco2]

"If you're too stupid, you shouldn't be using the technology that's obviously over your head."

What a fine, understanding attitude you have.
A: "WiFi is such a convenient tech, it makes doing all these networked things much easier."
B: "I know, I just got a wireless router, plugged it in at home and it's so great to be able to use my laptop anywhere around the home"
A: "You did set WEP encryption didn't you?"
B: "Wha?"
A: "And MAC filtering of course?"
B: "Who the?"
A: "And I suppose you just turned off SSID broadcasting as well?"
B: "What language are you speaking sir?"
A: "You incompetent f*cking idiot... give me that access point... you have no right to use it!"

I mean really, you expect just everyone to know how to use the technology completely? It's confusing, but shouldn't be. I have no problem with it, you have no problem with it... but my wife would know a MAC address if she fell over it, should she not be using the wireless access at home then?

I'd be getting down off that high horse unless you know the intimate workings of everything you use from day to day. Just because you don't understand how everything works with something, doesn't mean you shouldn't be allowed to use it. It means that the creators of said product need to make it easier to use safely.

Re:

[dch24]

Because there can be no conviction if he refuses to press charges. It's only a theft if the property owner claims that it wasn't being given away. But laws vary.

This article shows how you can be arrested in the UK. Here is an email [72.14.253.104] (on the interesting-people mailing list, google cache) about a case in Canada where a man was convicted for "war driving." But apparently, in the US (as of 2002) there is only an FBI advisory - from the politech mailing list [findlaw.com]

Perhaps someone with more legal knowledge can reply

Re:

[1984]

I really don't care if anyone uses it as long as nothing illegal is performed

And er, how are you policing that exactly?

I'll bet at least your ISP thinks you're on the hook for anything that goes over that connection under the ToS you have with them, without regard for generous sentiment.

There is a problem

[EmbeddedJanitor]

You are giving away the ISPs services for free. All this freeloading removes money from the industry.... and who's going to whine when there's insufficient bandwidth for everything you want to do?

Re:

[twitter]

All this freeloading removes money from the industry.... and who's going to whine when there's insufficient bandwidth for everything you want to do?

Sharing is good, OK? No money is removed by people who would never have bought the service anyway. If you want to lose customers and really remove money from the industry, just try telling them they HAVE to "secure" their wireless and fine them for not doing it. There's not a lot between people who don't care and those who are copyright warrior about it.

Then it is not theft....

[EmbeddedJanitor]

TFA is about cracking down on theft.

If you deliberately share your bandwidth allocation within the limits of your agreement with your ISP then it is not theft.

If, however, the ISP says you are not allowed to share it but you do then that is theft.

But is the bandwidth yours to give away?

[BitterOak]

I know with cable television, in many jurisdictions, if you let your neighbors hook up to your cable, both you and the neighbor could be charged with a crime. Just because it's okay with you that random people use "your" bandwidth, doesn't mean it's okay with your ISP. My analogy probably isn't perfect, but just because someone opens up their wireless router and doesn't mind if people drive by and use their access point doesn't mean it's legal. I'm not sure what the law says about this. There are laws about stealing computer services, but whose are you stealing? The ISP or the owner of the access point? I think it would hinge on that question. It would probably depend on whether you pay by the gigabyte, or have an unlimited rate. If you are eating at an all you can eat restaurant, you aren't allowed to share your food with a non-paying friend. Generally, however, you can share if you pay for a fixed size meal.

Re:

[MrCoke]

I have an unsecure network, and I really don't care if anyone uses it as long as nothing illegal is performed.

How will you know ?

Re:No problem

[MutantEnemy]

all sorts of illegal stuff ... pamphlets critical of the American way of life

Those are illegal now?

First ping

[SpaceLifeForm]

The bad part is that the person who had their internet access
borrowed probably did not get any help to secure their WIFI.

Re:

[Anonymous Coward]

The person whose base station this was either set it to public access or left it on public access. So no "borrowing" occurring. This was sharing pure and simple.

I leave my base station set to public access for precisely this purpose, to share my internet connection wirelessly over the public airwaves to the public nearby.

U.K. police and courts are being quite backwards in this situation (paralleling some U.S. courts and police) to mistake a wireless base station set to public access for anything but a wir

Re:

[mangu]

the person who had their internet access borrowed probably did not get any help to secure their WIFI.

From whom do you think they should get help, and at what price? If someone isn't entitled to get free internet access, then why should someone else get free consulting on securing their WIFI routers?

Re:

[mi]

The bad part is that the person who had their internet access borrowed probably did not get any help to secure their WIFI.

It is a police responsibility to prosecute whoever goes into my unlocked house without permission — even if he only uses a toilet (thus using some water and electricity) without breaking anything.

It is not a police responsibility to help me lock the house up reliably.

the opposing viewpoint

[Doddman]

if someone leaves their door open, does it give you a right to go into their house and drink their water?

Re:the opposing viewpoint

[TheLazySci-FiAuthor]

If someone leaves a hose running into the street is it wrong to take some of that water?

Re:

[blhack]

more like:
if your neighbor's irrigation system is spraying across your yard, is it your responsibility to prevent your grass from being watered by it?

Not in this case

[einhverfr]

The guy was (from TFA):

1) Sitting outside the owners house.

2) Admitted to using it without permission.

If you were in your own home, you might have a point. In that case, I don't see a real problem. But going out of your way to find someone's access point, seeking it out, etc. seems to me somewhat different.

Re:

[AWhistler]

OK. If I'm a farmer, minding my own business, and I harvest my corn, keeping a few ears for seeds next year, and next year I get sued for stealing genetically engineered corn seeds whose pollen blew in from a neighboring farm the year before, did I do something illegal?

At first, the answer was "yes", but recently some courts have decided to wake up and answer "no".

Re:

[sjf]

If my rooftop is being irradiated by DirectTV's satellite, is it wrong do decode the signal and watch HBO without paying for it ?

Re:

[Usquebaugh]

No but it is unlawful

Re:

[CastrTroy]

Not if you live in Canada. From what I know (IANAL) it's legal to decrypt any signal you want, because it's over the air, and public domain. That's why all the pirate satellite dishes and receivers are referred to as grey-market. Because you are allowed to do this.

Re:

[burndive]

The illegal thing here would be decoding it. This was unencrypted WiFi.

What's more, his computer asked the wireless router for permission to connect, and it granted permission and handed it an IP address.

Re:

[RajivSLK]

While I'm not weighing in on way or another I think it would be more correct to say:

If someone left a hose in the street would it be wrong to turn the tap and take some water?

and then the question becomes, how much water? Is it wrong to drink if you are thirsty? Is the wrong to fill up a tank full of water? fill your swimming pool? shut off the water service to your house and connect the hose to your plumbing?

Re:

[Kythe]

Ah, analogies. Of course, in this case, wifi routers generally advertise their services and help you access them. So you'd probably need a sign on the hose saying "Have some! Just turn the valve!"

The sign may have come from the store attached to the hose, and the owner may not have noticed it, but there we are.

More like an extension cord

[EmbeddedJanitor]

A running hose just wastes the water if nobody uses it.

Awifi connection does not use internet resource if nobody uses it. Thus, a better analogy would be an extension cord in the street. Is it wrong to take someone else's electricity if you just happen upon their extension cord?

Re:

[Propaganda13]

In a lot of places, if you put your garbage out on the street, people are allowed to go through it as long as they don't trespass on your property.

If they're going to prosecute this type of crime, they should have a standard way for people to denote that their open wifi is available for public use.

Deeply flawed

[Daimanta]

This metaphore is deeply flawed. It doesn't contain any cars.

Re:

[gweihir]

if someone leaves their door open, does it give you a right to go into their house and drink their water?

Wrong analogy. If somebody builds a drinking fountain at the border of their property without any sign there, is it theft if you drink from it?

The law should not be involved in this.

[Aetuneo]

If the person "stealing" the wireless access was actually breaking into it (eg, accessing a secured wireless router by cracking the password or hacking the router), than it might make sense for the law to get involved. However, in this case, using an unsecured wireless router amounts to picking up some money off the street and using it (not an exact analogy, but close). If you leave something where anyone can take it, without trespassing on your property (breaking in to your house, or computer), then there

Preemptive Strike

[Anubis350]

Before anyone starts in with the "if the door is open, you can't go into someones house anyway" argument, I'm going to point out that most laptops these days auto connect to open connections, or at least do a popup that if the avg user isn't paying attention will connect them when they hit enter. Just like with property, than when rights aren't enforced long enough when people walk on it, it becomes public use land, the same is true of the wireless network. people leaving their networks with SSID broadcast no security is *not* the equivalent of an open, unlocked door on a residence, it's the equivalent of laying out all your stuff in the middle of the street with a sign that says "please take", or at least a path through their land that they never gated and never shooed anyone off of, it's for the public use at that point.

Re:

[whoever57]

Before anyone starts in with the "if the door is open, you can't go into someones house anyway" argument,

Actually, I believe that, in the UK, you can go in, quite legally. The laws against trespass are somewhat mild in the UK -- until a decade or so ago, trespass was not illegal, now mass trespass is illegal, but I don't think individual trespass is illegal.

Re:

[davmoo]

From TFA:

When questioned he admitted using the owner's unsecured wireless internet connection without permission and was arrested on suspicion of stealing a wireless broadband connection.

Yup, sounds like an accidental connecton there, eh?

Re:Preemptive Strike

[Angst Badger]

All these analogies are pointless anyway. If the local legislature enacts a statute imposing a fine for unauthorized access to an unsecured network, and you get caught doing it, you can be fined. It doesn't matter in the least what network access is "like". Network access could be like skiing down the Swiss Alps or biting into a Peppermint Patty for all that it matters. We're not talking about a law regulating access to land being imaginatively applied to network access. We're talking about a law explicitly regulating network access.

And yes, people should secure their networks if they don't want to deal with casual intruders. But people should also stop taking advantage of the ignorance of other people, too.

Re:Preemptive Strike

[jfengel]

But we're Slashdotters! We only know how to reason by analogy.

Holding a Slashdot argument without using a flurry of conflicting and dubious analogies is like a car with brakes only on its left wheels... no, wait, it's like a door with a lock that accepts puns as an answer... no, it's like...

WTF?

[growse]

How the hell are you supposed to know if you're allowed to connect to an available unsecured access point or not? Can starbucks arrest everyone in their shop using it if they decide on a whim that they didn't actually mean anyone to unlawfully 'break into' their unsecured wireless network?

Re:

[LordSnooty]

If they asked people to stop then yes, the customer would be gaining unauthorised access to the network. The fact that 'free wi-fi' is plastered everywhere is reasonable grounds to assume they won't be asking people to stop.

Re:

[growse]

So I enter a public space, and there's an unsecured wi-fi point. Am I breaking the law if I connect to that? Do I need explicit permission to connect to an unsecured access point, and what form must that permission take? Or am I allowed to connect to anything and it only becomes illegal if the owner complains? How does the owner prove they're the owner of an SSID?

Re:

[gronofer]

Or am I allowed to connect to anything and it only becomes illegal if the owner complains?

The article implies that in the UK at least, the owner doesn't need to complain, and doesn't even need to know that somebody has been arrested for using the connection.

Re:

[faloi]

From TFA:
 
  When questioned he admitted using the owner's unsecured wireless internet connection without permission and was arrested on suspicion of stealing a wireless broadband connection.
 
Your first hint that you might not be allowed to use the connection is when you realize you don't have permission and admit it to the local constabulary.

Re:WTF?

[The Living Fractal]

This is just a warning to all you wifi freeloaders in the lobby: Buy some coffee. Or else.

-The Management

If it's illegal to use an unsecured wifi network..

[tuxlove]

...then why do hardware manufacturers design their products to automatically join unsecured networks by default? You could get cited simply for buying a laptop and turning it on. Some unsecured networks actually are intended to be used freely. How are you supposed to tell?

Seems to me that the law should clearly state the legal difference between an "open" and "closed" wifi network, presumably with password protection being the key difference.

DHCP

[flyingfsck]

If this poor sod used DHCP then one could argue that he asked and was granted permission to join: Request -> Offer -> Accept is valid contract.

It is different if he had to actively sniff the network in order to figure out how to join.

Hmmm.

[Colin Smith]

in Germany, pretty much all access points are secured. In the UK, pretty much only those owned by IT people.

In Germany the owner is responsible for the traffic. In the UK, they're not. Perhaps the average British person is just dumber than the average German. Perhaps personal responsibility makes a difference.

 

Re:

[datapharmer]

Perhaps in the UK they learned how to *share*
Someone needs to teach this *sharing* concept to the police!

Re:

[Colin Smith]

No, really, it is just ignorance.

 

Re:

[easter1916]

Is that Colin who worked at B&L Hoofddorp 96 to 98ish...?

Re:

[Stevecrox]

Most wireless networks I've come accross (which is alot) are secured, currently from my bedroom in my house I can detect 8 secured wireless networks and 0 unsecured, if I travel through the city with my PDA which supports 802.11b/g it highly rare to come accross a unsecure network. 3 or 4 years ago you would have been right I still remember being able to walk from my house the two miles into the city centre listening to Radio 1 as my device hopped from one network to anouther. Today I can't do that there ar

Re:

[jrumney]

in Germany, pretty much all access points are secured. In the UK, pretty much only those owned by IT people.

Right now I can see 5 wireless networks, 2 secured with WPA, 3 with 104 bit WEP. In the evenings, I can often see up to 20 access points, all secure. Most of the non-technical users have APs labelled BTFusion-XXXX (WPA), BTHomeHub-XXXX (WEP) or SKYXXXXX (WPA), which come preconfigured with security on.

Meh, it's the law

[faloi]

Dishonestly obtaining free internet access is an offence under the Communications Act 2003 and a potential breach of the Computer Misuse Act
 
From the article, it wasn't quite like he just happened to luck into a network that wasn't secure. It sounds like he parked himself outside the house, and got caught. And there's a law against it in the UK.
 
Don't like it, oppose the law...or try to get it overturned. Until then, you have to live with it even though you might find it stupid.

Completely wrong paradigm

[teutonic_leech]

Bandwidth should be ubiquitous - as usual we are letting our fears drive our policies. I completely understand that the authorities want to be able to pinpoint who's using their connection to download child p0rn, send messages to known terrorist organizations, steal credit cards, or send spam. But the reality of it all is that the 'bad boys' already know how to protect themselves and how to obfuscate their identity. Add to this that 90% of all computers connected to the Internet are virus and trojan ridden (i.e. running Windows). So, this whole push to penalize people for using Internet connections wherever they are available is tantamount to the RIAA's effort to curb the proliferation of digital media, which thus far has proven to be an exercise in futility (since digital media inherently wants to be copied since it [most] always produces identical copies).

I see a huge opportunity here for some entity to encourage and drive the proliferation of [low cost] ubiquitous Internet access. Obviously in some way or fashion the wireless and mobile industries are working towards that goal, but it's far from being universally available. Again, the wrong paradim is being applied - we should encourage bandwidth to be used, not prevent others from accessing it. If I am able to share my bandwidth with my neighbors, and vice versa - we all win in the end and enjoy higher QoS. Also, the more we spread out the last 100 feet Internet access points the more efficient we are using our infrastructure as a whole. I know this sounds anarchistic to some extent, but right now we are moving into the exact opposite of the spectrum: bandwidth scaling, packet filtering, access restrictions wherever you turn. Is this how we imagined the Internet to turn into? If we let this trend continue, how is it going to wind up 10 or 20 years from now? Are we all going to be monitored/analyzed/profiled and at the same time 'herded' into tightly controlled pipes managed by large consolidated corporate monopolies? I hope WiMax will come to the rescue at some time - it's been promised for a long time and the roll out has been extremely slow.

my SSID is FREEINTERNET

[netsavior]

Share your networks and secure your PCs that is my philosophy. I could care less if my neighbors use my connection, I would prefer it because then they will not be asking me to come over and fix theirs every day ;)

Ego

[Bane1998]

'inability (read: apathy)' is editorializing. Which, fine, that happens on slashdot. But the idea that people have that 'if the damn users would just learn aboud WEP versus WPA, duh' is moronic. People USE computers, and may not know every detail or security concept, and they shouldn't have to. We 'techno elite' should provide the simple tools to work with confusing concepts. And we should default to good security. Which is not always possible, if you want your product to just work with the rest of yoru network.

But blaming the users and callign them apathetic? Get over yourself. Not everyone should have to or needs to know dirty security details or how to configure their router. If you MUST sustain your ego by blaming someone you can call an idiot, at least blame 'The Geek Squad' or whatever other support people set up the layman's network. Not the layman.

Enough already with the metaphors

[Weaselmancer]

If you post a good one, someone from the other side of the argument posts a better one. Especially if there is a house involved.

How 'bout we just discuss the problem itself?

Unauthorized use?

[Jorgandar]

Rubbish law. When you log into a network, so long as you're not hacking it, you politely ask the router "may i use this network and have an IP address?". The router says "yes", on behalf of you, the owner. Therefore it is authorized.

Its NOT the same as leaving your front door open in your house, or your car unlocked.

It IS the same as leaving your front door open in your house, having a visitor stop at the door and ask "may I come in?" and you replying "yes". You can't then turn around and sue for trespassing.

-J

Dishonest?

[gweihir]

Since when is dishones illegal? Allmost all politicians would have a major problem if it were...

House metaphor is

[pembo13]

The house metaphor is bad. To get to the open door, one has to enter the persons property, which is trespassing. To get the unsecured wireless, you don't have to trespass.

Ah, techonology...

[Shikaku]

These days you can Wardrive (http://en.wikipedia.org/wiki/Wardriving [wikipedia.org]) with a Nintendo DS. You can even access the internet through that said Nintendo DS using the information gathered. Granted, it is quite limited on the scope of what it can do, but the point is it isn't as hard as one would think.

The analogy of someone leaving the door open is quite correct in a way. However, the technology makes the door more like an unlocked door of a giant mansion with many entrances that are all unlocked. People, especially the common person, would probably never know that someone was using the internet.

Even with encryption, it has been proven it isn't hard to break anyway: http://hardware.slashdot.org/article.pl?sid=05/04/ 05/1428250 [slashdot.org]

Yes, the analogy holds; give it up

[dircha]

It isn't theft, but it is ethically analogous to trespassing in an unlocked house or on unfenced property; let me tell you why.

This wireless internet use has at least the following ethically significant properties:
- The resource owner paid and contracted for the resource
- The access is unauthorized by the resource owner and is not authorized by any other agreement
- The access is undesired by the resource owner
- The access violates the owner's expectation to exclusive use of the resource
- The resource is limited at any point in time - unauthorized access deprives the owner of concurrent use of some part of what he or she has paid or contracted for
- The resource is effectively self-replenishing - unauthorized access does not deprive the owner of full and exclusive access once the unauthorized access has terminated

Even in the best case in which the authorized user uses the resource only when the the resource owner is away from home and not using it, the situation is still ethically analogous to the following activity that most would agree is clearly unethical:

Entering a private unfenced property while the owner is away and sitting down in a vacant yard chair to enjoy the nice view afforded from the property.

The owner of the property may never know of the trespasser. The trespasser leaves few if any traces. The trespasser's use of the resource never deprives the owner's use of the resource.

And yet most people would certainly consider this use to be unethical, at least in a petty sense. Clearly it is within the rights of the property owner to have this activity stopped. And clearly it is within the rights of the rest of the property owners in the community to have the expectation that an individual who trespass on their property ought to be punished or corrected by the legal system in place.

Now, if the trespasser did not know that he was committing the act - not that he did not know it was wrong - such as if his computer connected without his knowledge, that would be a fair defense, but that is not the case here.

Knowing how DHCP and SSID broadcast work doesn't make you immune to the law of the land, and it shouldn't.

So inability is apathy?

[dircha]

"taking advantage of someone else's inability (read: apathy) towards securing their home network"

This is an awfully arrogant assumption, and hopefully sheds some light on why many Slashdot commentors apparently see nothing wrong with this practice.

How would you, you should ask, tell inability from apathy? What if the person running the router really does not know how to secure it? I know plenty of people who have no clue at all how to secure their wireless routers. Do you think that if they knew you were using it they would be alright with that? That doesn't seem very unlikely.

"Mrs. Smith, we found this man outside your house access your home wireless network." And you expect us to believe Mrs. Smith would be fine with this and tell the officers to let the creepy guy parked outside her home continue? Seriously. That's just bullshit and you know it.

It's no wonder we keep seeing more legislation cracking down on these sorts of activities. It's precisely because people don't accept them, and precisely because they don't know how to protect themselves against them.

BS

[shaitand]

'taking advantage of someone else's inability (read: apathy) towards securing their home network'

This is ridiculous. Simply because Joe Sixpack doesn't know how to secure his wireless does not mean he doesn't care about whether or not it is secure. Most 'techs' can't secure a wifi network properly. Further, even if we assume that caring would automatically mean the network would be secured (not a safe assumption) we certainly couldn't assume that Joe has any reason to believe his wifi isn't secure out of the box. After all, Joe bought the middle priced unit, not the cheap crap.

Even if Joe both cared and knew his network was insecure that doesn't mean Joe is technically literate enough to resolve the issue himself. Anyone who has conversed with Linksys tech support knows they can't help Joe. If Joe can't afford to pay a technician to secure the network (IMHO all setup of wireless networks, computer networks, internet connections, computers, printers, and software should be performed by competent technicians but that is another story) then Joe is basically stuck having an unsecure network or no network. Now, choosing to have an unsecure network over no network might be called a degree of apathy but only by a purist.

It is what it is: a crime of ignorance.

[Wanderer1]

Whether it is ethical to use the bandwidth, or whether the law is productive for society or not, the real crime is ignorance - on the part of the accused.

We all know a myriad of ways to use willing wireless network appliances to signal our ideas and the ideas of others (or patterns of bits, or the motion of electromagnetic fields, or whatever realistic description of what you're actually doing by interacting with a wireless networking device - not consuming someone's water or walking into their house - both of which are unrelated and inappropriate scenarios to compare the act of communication with.)

We also know a myriad of ways to do this at a distance, without detection, and without drawing undue attention to ourselves. And that is fine, and well, and good, and righteous - for it is never a crime, or a sin, or an immoral act, to know how to do something.

The gentleman arrested for "theft" or "unlawful access" or whatever they'll settle this as is guilty of ignorance. It is unlikely he was aware that a statute on the books prohibited operating his computer in this manner - a manner which consumes nothing but electromotive force and the materials used to invoke that force. The imposition of arbitrary or calculated "quotas" on service consumption is an arrangement entered by the owner of the networking device, and probably ill considered when paired with the promiscuously behaving software that runs inside of it, allowing anyone who to manipulate the bits in the *standard, accepted, and published method of signaling in response to an advertisement of service availability known as the SSID and beacon*.

The second act of ignorance, other than ignorance of the statute (which is assumed in this case, but only partially used to justify this point,) is the ignorance of practice which would have placed him outside the attention of both law enforcement and the equipment owner. This would involve, but is not limited to, sitting out of the range of attention of the owner, sitting on his own property in range of the owner, using an arbitrary Media Access Control (MAC) address which would not uniquely identify his machine after a reboot, or using an antenna which would make it impractical to locate his computer in a neighborhood of many computers where triangulation of the signal would require more resources than are justified by the contrived "damages" of the so-called "crime."

I say that his crime is of ignorance, because had he been informed of the statute and the methods above he would have been able to continue communicating with other computers or individuals without being persecuted for his actions - which do not appear on their face to harm society or another individual.

The point in making this lengthy post is to stake a flag of reason in a sea of irrational thought. The analogy that communicating through a network is a form of "theft" is irrational and does not on its face make sense. If there is a resource constraint due to the implementation of the technology or the imposition of an artificial resource "quota," than the unfortunate act of leaving the access point in a promiscuous state is the liability of the owner, not of those who may use the access device to communicate patterns of grouped binary values with others.

It is further complicated by the belief that one can "trespass" on any device that is capable of automated signaling, doubly so if that device is capable of signaling wirelessly, and at a distance which might permit such signaling to take place from your own fixed property. Indeed, if I am able to, as I am now, lie in my own bed, in my rented apartment, and yet have the ability to cause to be signaled a pattern of binary values from my personal computer to a network device that I do not own and that does not exist on my own property, then I must assume - from a sound mind and rational position - that this is both harmless to society and to the individual who, through action or inaction, makes this service available to be signaled. That it is construe

Just in case you need to use someone else's ...

[The Mutant]

bandwidth, first make sure they want to share [consume.net].

if you want to share your bandwidth get a Fonera

[dominux]

FON [fon.com] sell cheap routers called La Fonera with dual SSID. One is secure and for your own use, one is open and for the benefit of other people who share their bandwidth with a Fonera router. Guests who don't share their bandwidth can also connect for $3 per day. There are a few other permutations including a revenue sharing model, go read about it. Most ISPs in the UK don't let you share your bandwidth, however Fondoo.net [fondoo.net] do.

Deliberately Sharing Internet Access

[Nurgled]

Most replies here are arguing from the point of view of the person "stealing" Internet access. I'm more concerned, though, about the affect this will eventually have on those who are intentionally sharing Internet access.

An implication made in the article is that if you leave your access point open you are responsible for anything sent over your Internet connection, even if it's sent by other people. This concerns me for a number of reasons. The most important of these is that this does not seem to be the case for any other sort of network connection: ISPs, libraries and commercial wireless access points are not held accountable for activity of their users, so why should someone providing Internet access in their home be held to a different standard?

Additionally, with this decision I'm unsure what one is supposed to do in order to "give permission" to use a public access point. Should I display a sign on my house saying "I give permission to use my wi-fi"? What happens if someone's laptop inadvertantly "roams" into the unsecured network of one of my neighbours?

The assumption by the police seems to be that everyone must be selfish with all of their property and never share with others. I shant add another ridiculous analogy to the pot, but I would like to live in a world where everyone shares alike: I offer you the use of my Internet connection in the hope that, if I'm ever near your home, you will let me use yours as well. It's a shame that the vast majority are too selfish to see the benefits that this would bring.

"[PUBLIC]" in SSID of open hotspots

[adrenaline_junky]

My idea never seems to get traction, but I still think its a good one and will repeat it once again:

If you INTEND to make your wifi open access, then you should signify this by including the key word "[PUBLIC]" or [PUB]" at the start (e.g. "[PUBLIC] Joe's Wifi" or "[PUB] Megaboob, Inc").

That makes the intent crystal clear (some other key words could also be included to provide flexibility).

I agree that any open wifi spot ought to be assumed to be public in the first place, but since the law seems to disagree, I believe my idea is the next best alternative. Software that searches for hotspots could be updated to look for these key words to indicate if the hotspots are intended to be public or not.

Long term, it would be nice if the wifi standard were updated so that a bit could be toggled which would indicate whether the hotspot is intended to be public or not. In the configuration menu it could be right next to the "Make SSID Visible" checkbox.

Re:

[peacefinder]

Then stop stealing my sunlight, ya daft bastard! ... what? Sunlight can't be stolen, but 2.4MHz EM signals can? It's all EM radiation.

Re:

[CastrTroy]

But that EM radiation is converted into a signal that travels along their wired internet connection. And if you use X bandwidth, that's X bandwidth that they can no longer use. It would be akin to your neighbour setting up a giant sun blocking shield (ala Mr. Burns) so that you could no longer use the sun that would regularly shine on you property. Just as a reference point, I agree that they shouldn't be charged. If someone leaves their connection wide open, there is no way to know that you aren't allo

Re:

[netsavior]

If you post a newspaper article on your door, and I walk by and read it, did I steal your newspaper? If you stand in your yard naked and I see you, am I a peeping tom? If your music is too loud and I listen to you play your CDs am I stealing music?

Leaching is not stealing, since nothing is LOST. If you don't want people leaching, then stop them from doing so.. involving the government just makes things mroe rediculious for everyone.

Re:

[whoever57]

Leaching is not stealing, since nothing is LOST.

What if I am trying to download a large file and the leech is using some of the bandwidth, so my download is slower? What if I hit my monthly allowance because of the data downloaded by the leech?

In this case, the owner was probably freaked by having someone sitting in a car parked outside his house.

Re:

[easter1916]

It's 'leeching'. As in 'leeches'. Blood sucking primitive organisms.

From wikipedia.org:

Leech (computing), in computing, someone who uses others' information or effort but does not provide any in return.

Re:

[Morky]

Very well put. I will use this to explain my point going forward.

Re:

[batkiwi]

Saying it is so doesn't make it so, and contrived analogies are not relevant. Your analogy was one of the worst I've seen due to the sign part, but also due to the fact that passer-bys watching your TV on the lawn does not possibly cost you more (many UK plans charge for usage, same as here in Australia) and does not prevent you from "tuning" as many channels on the other TVs in your house.

Unless the SSID is something like "public" or "freewifi" then you do not have a reasonable expectation that it is ther

Light != wifi

[EmbeddedJanitor]

Very bad comparison.

The 1000W light is just waste and using it does not use up anybody's resources. However making a connection to their wifi uses more than just wasted resources.

Re:

[The Living Fractal]

That's the answer these days isn't it? Any doubt? Let's make it illegal! Let's protect idiots from themselves. Let's circumvent evolution and allow them to breed.

Harsh? That is just how it is and how the courts have decided it. And it is fair.

BUT LIFE ISN'T.