Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Schneier Says 'Steal this Wi-Fi'

CmdrTaco posted more than 6 years ago | from the can-i-steal-a-sandwich-too-i'm-hungry dept.

Wireless Networking 432

apolloose noted Bruce Schneier's latest entry on Wired where he talks about insecured wifi networks, and suggests that you Steal this WiFi. Basically, since insecure WiFi is everywhere, why not? You're helping make the world a little better for someone else.

cancel ×

432 comments

Yeah, but... (5, Funny)

Serenissima (1210562) | more than 6 years ago | (#21984798)

If I opened up my network, anyone could start downloading pirated movies and music and use up all of my bandwidth that I want to use for downloading pirated movies and music!

Re:Yeah, but... (0, Funny)

Anonymous Coward | more than 6 years ago | (#21984970)

In Soviet Russia, pirated music steals you!

Re:Yeah, but... (2, Insightful)

plague3106 (71849) | more than 6 years ago | (#21985388)

Well, the actual article is pretty silly. His response to "if you're accused of downloading child porn you're better off pleading that going to court?" Ya, just want I want to do, have that on my record.

No thanks, I'll lock down my network.

Re:Yeah, but... (1)

flu1d (664635) | more than 6 years ago | (#21985536)

I say he's just creating reasonable doubt for his own mp3 collection.

Steal Wi-Fi? (0, Troll)

techpawn (969834) | more than 6 years ago | (#21984812)

That's like saying we should "steal" music files because it's not a physical thing and EVERYONES doing it so it's okay. Besides, it'll be an important lesson to those who didn't secure it in the first place...

Re:Steal Wi-Fi? (2, Funny)

dattaway (3088) | more than 6 years ago | (#21984944)

That's like saying we should "steal" music files

I thought that's how most people seal music files and do P2P: one of their neighbor's open networks.

Re:Steal Wi-Fi? (1)

Serenissima (1210562) | more than 6 years ago | (#21984980)

That's how smart people would do it. Unfortunately, having a P2P program doesn't necessarily make one smart. There are a LOT more stupid people downloading stuff than people who step back a minute and think about it.

FON (2, Insightful)

Jeremiah Cornelius (137) | more than 6 years ago | (#21985120)

Bruce mentions FON, which has dual capability APs - with both an open and a private net. With a proper IP scheme, you could even firewall the Internet upstream, to block P2P when the source is on the open net.

I have a similar setup - but I don't have FON APs. I run an open AP, with all of my machines and services on an internal VPN.

Re:Steal Wi-Fi? (5, Insightful)

Intron (870560) | more than 6 years ago | (#21985008)

I think it's more like bookcrossing [bookcrossing.com] You've already paid for it, now you're letting someone else use it. With books, publishers might not like it because they sell fewer books. With wifi, ISPs may sell fewer connections. Either way it's not stealing.

Re:Steal Wi-Fi? (1)

techpawn (969834) | more than 6 years ago | (#21985078)

You've already paid for it, now you're letting someone else use it.
The same argument can be made for music in an odd way, but, that didn't stop DRM from going into effect.

violating your promise/contract (1)

jaypaulw (889877) | more than 6 years ago | (#21985194)

with ISP you've specifically agreed you wont do that. Get some integrity!

Re:violating your promise/contract (1)

Intron (870560) | more than 6 years ago | (#21985398)

My ISP just says my line is for residential use and may not be resold. They used to say you could only connect one computer, but took out that whole section due to complaints. It says nothing about wifi or sharing.

Re:Steal Wi-Fi? (3, Informative)

Goaway (82658) | more than 6 years ago | (#21985098)

No, it's nothing like that, if you actually read what he's saying instead of rushing in to make yourself sound smart on the internet.

Re:Steal Wi-Fi? (1)

techpawn (969834) | more than 6 years ago | (#21985348)

I know TFA is about dodging responsibility by maintaining an open WAN. But, dispite you ID you must be new here... This is Slashdot, We don't RTFA before we comment...

Re:Steal Wi-Fi? (5, Insightful)

gnick (1211984) | more than 6 years ago | (#21985428)

That's like saying we should "steal" music files because it's not a physical thing and EVERYONES doing it so it's okay. Besides, it'll be an important lesson to those who didn't secure it in the first place...
Did you RTFA? He's not suggesting that everyone should go out and steal Wi-Fi, he's just saying that it's nice to leave your own Wi-Fi unsecured so that others can use it if they want.

That said, IANAL but the ones that he apparently spoke to seem awfully cavalier about the situation. I would be extremely uncomfortable explaining to a judge that I:
1) Published an article stating that I knew that my wireless connection could be used by others to commit crimes.
2) Left my connection unsecured anyway.
3) Was arrested because of illegal traffic.
4) Expect to be excused.

Re:Steal Wi-Fi? (4, Interesting)

penguin_dance (536599) | more than 6 years ago | (#21985566)

No, it's more akin to: I go to the grocery store and buy a 5 lb bag of sugar. Now I don't need to use that much sugar so I let the neighbors have some. That's not stealing because I paid for it. You're essentially doing nothing more than what a Starbucks or other cafe does.

However, don't be surprised that companies like Comcast freak out because, while they want you to PAY for all that bandwidth, they don't actually want you to USE it!

Why stealth? (1)

gzipped_tar (1151931) | more than 6 years ago | (#21984852)

I thought it would be about stealing the wifi hardware... well not

how do i crack a WEP password? (0, Flamebait)

boxlight (928484) | more than 6 years ago | (#21984860)

I'd like to move my iMac around the house. I don't have a wireless router but there's about 6 wireless access points I can see in my neighbourhood alone. There's all password protected though -- probably with WEP.

Can anyone point me to a simple tutorial on cracking a WEP password? I really just want to check my email, I wouldn't abuse my neighbour's internet access with anything malicious.

Thanks!

Re:how do i crack a WEP password? (1, Insightful)

Anonymous Coward | more than 6 years ago | (#21984878)

Why not just buy a wireless router instead of being an asshole?

Re:how do i crack a WEP password? (3, Insightful)

fastest fascist (1086001) | more than 6 years ago | (#21984880)

how about just getting a wireless router, instead?

Re:how do i crack a WEP password? (1)

Archangel Michael (180766) | more than 6 years ago | (#21984938)

"how about just getting a wireless router, instead?"

Because he's a cheap bastard?

Re:how do i crack a WEP password? (4, Funny)

fastest fascist (1086001) | more than 6 years ago | (#21984996)

Excuse me? He uses an iMac, therefore he must be used to paying through the nose.

Re:how do i crack a WEP password? (1)

somersault (912633) | more than 6 years ago | (#21985176)

Possible that he's a poser and just spent all his money on an iMac, and therefore can't afford a wireless router? ;) Or he bought it cheap from another poser.. (I've always liked Apple, but if I'm gonna buy one these days it would be the 'pro' stuff rather than something with a crappy graphics card..)

Re:how do i crack a WEP password? (5, Funny)

Anonymous Coward | more than 6 years ago | (#21985228)

So then he's just a bastard?

Re:how do i crack a WEP password? (1)

mavi_yelken (801565) | more than 6 years ago | (#21985486)

come on it was just the bait.

Re:how do i crack a WEP password? (1, Informative)

Anonymous Coward | more than 6 years ago | (#21984890)

Re:how do i crack a WEP password? (1)

boxlight (928484) | more than 6 years ago | (#21984964)

Thanks!

Re:how do i crack a WEP password? (0)

Anonymous Coward | more than 6 years ago | (#21984910)

Just enabling WEP is like saying "fuck off, I would prefer you not use my network".

Re:how do i crack a WEP password? (0)

Anonymous Coward | more than 6 years ago | (#21984986)

If your asking on slashdot then chances are you don't know what your doing.

I'm not sure if you know this seeing as how your new to the internet but there are sites that you can type in "keywords" and it will give you a list of pages back related to the "keywords".

I think it was call goggel or giggle or gaggl or something like that.

Re:how do i crack a WEP password? (5, Insightful)

roystgnr (4015) | more than 6 years ago | (#21985088)

"Can anyone point me to a simple tutorial on cracking a WEP password?"

1. Ask your neighbors for permission to connect to their WiFi.
2. If you get permission, use the password they give you.
3. If you don't get permission, don't be a dick.

If someone has their WiFi configured to allow public access, I don't see much problem in making limited (e.g. no hogging bandwidth, nothing that might get them in trouble) use of it. The internet is built on the idea that people set up unattended computers to give automatic electronic permission for total strangers to use them; Slashdot would suck if everyone had to call Rob before they felt they were allowed to use his web server. But finding a hole in someone's security isn't permission, it's just intrusion.

Even when you see an open access point asking permission isn't a bad idea. It shouldn't be a legal requirement, but it's a nice thing to do, despite involving the frightening prospects of going outside and meeting someone in real life.

Re:how do i crack a WEP password? (1)

tsbiscaro (888711) | more than 6 years ago | (#21985136)

You gotta be kiddin'...

Anonymity (4, Insightful)

N3TW4LK3R (841526) | more than 6 years ago | (#21984872)

Why not? For one thing because it would pretty much guarantee total anonymity to everyone online.

If you want to commit a crime online, it's easy enough to drive your car to the next city, open you laptop and connect to a random open AP.

And if you were too lazy to do that, you can always say "It wasn't me, someone else connected through MY open AP!"

Bandwidth throttling (1)

Besna (1175279) | more than 6 years ago | (#21984912)

If someone connects from far away or with a DS, won't it lower the bandwidth for everyone? I think the .n spec has a way around it. Some routers can operate at multiple speeds, or at least switch off the lower ones (just don't use your DS).

Re:Bandwidth throttling (1)

N3TW4LK3R (841526) | more than 6 years ago | (#21985150)

No it won't. It only lowers the speed for the PC far away from the AP.
It is possible though that some other client closer to the AP 'jams' the connectivity for everyone far away: sort of like it's possible to understand someone who's whispering across the room, unless someone else is yelling in your ear :)

Look at it this way (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#21984984)

Look at it this way.

On most browsers, you can bring up your browsing history by pressing Control-H. (No, this is not going to become a discussion of werecows.) On Firefox, this brings up a sidebar that shows up on the left side of the window. If you put your mouse over the edge of the sidebar, the cursor will turn into a different kind of arrow. By clicking and dragging it, you can move the edge of the sidebar back and forth. You are, to put it another way, manipulating the border between the normal window and the history window. By moving the mouse, you can increase the portion of the window devoted to either part. In a more extreme view of this situation, you're increasing or decreasing the amount of existence the sidebar has.

Now, let's apply this idea to something more abstract. Look out your window. If you don't live in a highly urbanized area, you should be able to see the horizon. Think of this as the border between the land and the sky. The land and sky are obviously distinguishable thanks to this boundary. Now, if you were to "drag" the sash between the sky and the land, or to manipulate the border between land and sky, you would end up causing the sky to become larger and the land to become smaller, or vice versa. An effect of this might be to cause something that was just on the ground to suddenly be hundreds of feet in the air. Truly a frightening situation to be in. So, look at it this way - manipulating the border between two physical things shifts whatever balance there is in the interaction between those things. Alternatively, by manipulating the border between two things, you can change the manner in which they exist.

Still, this isn't *that* abstract, since it's still dealing with real things in the real world. Many believe that in this world, there are those things that are true, and those that obviously aren't. This divides reality into two extremes: truth and falsehood. But, since we have two extremes, logically one can imagine a boundary between those two extremes - the border between truth and lies. If one were to manipulate this border, suddenly things that were pure fantasy (flying pigs, for the sake of argument) have become reality - or things from reality have ceased to exist. This is how Yukari is said to have invaded the moon - by manipulating the border between truth and lies, as applied to the reflection of the moon on a pond, she was able to make the reflection of the moon into a manifestation of the actual moon, and so send her youkai army onto it. This is what's truly amazing about Yukari's power - the ability to manipulate the border between completely abstract concepts allows her to fundamentally change reality as we know it (at least in terms of two abstract concepts).

Re:Look at it this way (0)

Anonymous Coward | more than 6 years ago | (#21985068)

Step away from the bong, Sir!

Re:Look at it this way (0)

Anonymous Coward | more than 6 years ago | (#21985550)

Needs the Touhou Hijack image macro.

Re:Anonymity (1)

guru8376 (695028) | more than 6 years ago | (#21985028)

The problem with that is eventually the government will pass a law saying you can be held responsible for what happens from your AP.

Re:Anonymity (1)

thanatos_x (1086171) | more than 6 years ago | (#21985452)

I'm reasonably certain that has happened (or is in the works.) It wasn't in the US if I remember correctly, but Germany I believe. Unfortunately I'm a bit busy at the moment to find the actual article.

Re:Anonymity (0)

Anonymous Coward | more than 6 years ago | (#21985286)

Except for the fact that when they take ALL your computers, I'm sure one of them will have the illegal content that you calmed you didn't download...

Re:Anonymity (1)

Iorek (68393) | more than 6 years ago | (#21985344)

If you want to commit a crime online, it's easy enough to drive your car to the next city, open you laptop and connect to a random open AP.

Yeah, like this guy [theregister.co.uk] . He only got caught 'cause he set a meet. I wonder if the "elderly couple" were reprimanded for leaving their AP open? It doesn't sound like it.

Stealing is illegal (1, Funny)

Anonymous Coward | more than 6 years ago | (#21984916)

I'd suggest you don't take the access point, just let your computer communicate with it.

Beware of strangers bearing gifts (5, Interesting)

Applekid (993327) | more than 6 years ago | (#21984918)

Sure, everyone please use my unsecured local Wi-Fi access point. I'm giving back to the community... ... and the community in turn will have all traffic filtered through a box that will sniff passwords, private keys, you name it.

So please "steal this Wi-Fi" since I need a few more social security and credit card numbers.

Re:Beware of strangers bearing gifts (1)

Entropius (188861) | more than 6 years ago | (#21985042)

... because CC#'s are generally transmitted in cleartext...

Re:Beware of strangers bearing gifts (1)

jasen666 (88727) | more than 6 years ago | (#21985484)

I don't feel very secure that they're not.
[TJX nods approvingly]

Re:Beware of strangers bearing gifts (1)

Jeff DeMaagd (2015) | more than 6 years ago | (#21985048)

So please "steal this Wi-Fi" since I need a few more social security and credit card numbers.

Assuming the person stealing your Wi-Fi is using an unsecured site to do their transactions or that you can crack an SSL link.

Re:Beware of strangers bearing gifts (2, Informative)

Daniel_Staal (609844) | more than 6 years ago | (#21985460)

An SSL certificate is fairly cheap to purchase, just by one and operate a man-in-the-middle for all SSL connections. A few tech-savvy might notice, but most won't.

Re:Beware of strangers bearing gifts (4, Funny)

garcia (6573) | more than 6 years ago | (#21985554)

My public facing wireless AP has a SSID that reads, "I_SNIFF_AND_LOG". I generally find that no one is using my network and instead probably chose to use one of the 8 open "linksysfoo" APs around me.

Re:Beware of strangers bearing gifts (1)

zrq (794138) | more than 6 years ago | (#21985584)

I have the reverse problem at home.

I run an encrypted Wi-Fi network, connected to my local network and ADSL connection. However, someone else in the neighborhood runs an unencrypted Wi-Fi network, and whenever I start my laptop it tries to connect to the unencrypted networks first. I have to remember to check what network it is connected to before I use anything.

The unencrypted network is probably benign, setup by someone who hasn't read the manual and is blissfully unaware of the implications of having an open unencrypted network broadcasting itself to everyone in the area. However, tin foil hat says that they just might be a clever geek who is happily logging DHCP requests, IP addresses and any other information they can every time someone in the area switches on a wireless capable laptop.

I don't want to lock down my laptop completely, because when I travel to conferences etc. I do want it to connect to other unencrypted networks. Does anyone know how to set up a Fedora FC4 system to ignore specific networks ? Or, just make it prefer to use the encrypted one if the appropriate pass key is in the local key chain (manual pass phrase required to unlock the key chain).

Why steal when you can share? (2, Informative)

Anonymous Coward | more than 6 years ago | (#21984924)

Why steal when you can *share*? i.e. get the owner's permission, a la www.sharemywifi.com

Car analogy (3, Insightful)

Anonymous Coward | more than 6 years ago | (#21984952)

In the article, B.S. writes:

And yes, if someone did commit a crime using my network the police might visit, but what better defense is there than the fact that I have an open wireless network?
So if one of those red-light-cameras snaps a picture of my car running down a pedestrian, it should be a really great defense for me to say, "Oh yeah, I have a policy of leaving my car doors unlocked the keys in the ignition. Everyone around the neighborhood knows that."

Re:Car analogy (2, Insightful)

Anonymous Coward | more than 6 years ago | (#21985172)

I guess your implication was that this would be a poor defense, but I'm pretty sure it would be a good defense in court (or rather a useful argument as part of a defense).

Obviously the situation you describe is somewhat unrealistic (since no one would do that--losing a car is rather worse than losing a few MB of your bandwidth). A more realistic version might be a defense such as "yes that's my car, but these 20 people have access to the keys for that car, so it could have been any one of them driving it" and so on.

In a real court case, of course other evidence would always be used (do you have an alibi? motive? etc.). But saying "it wasn't necessarily me since many people have access to the car" is a valid part of a defense, and so too is "it wasn't necessarily me since many people have access to that network".

Re:Car analogy (2, Interesting)

Daniel_Staal (609844) | more than 6 years ago | (#21985632)

Having recently gotten a speeding ticket from one of those cameras...

The ticket was specifically worded not to be issued to the driver. It was to the owner of the car, regardless of whether they were driving. This did have some implications otherwise: It therefore didn't result in 'points' being added to my record.

So, back to the computer situation, they could just say that you are responsible for that bandwidth, and should have blocked it if the traffic wasn't from you. Don't know which would hold up in court, but there at least is a reply.

Re:Car analogy (3, Insightful)

phasm42 (588479) | more than 6 years ago | (#21985226)

So if one of those red-light-cameras snaps a picture of my car running down a pedestrian, it should be a really great defense for me to say, "Oh yeah, I have a policy of leaving my car doors unlocked the keys in the ignition. Everyone around the neighborhood knows that."
Which completely ignores that pretty much nobody does that with their cars (since having your car stolen results in a definite loss that can cost lots of money and a major inconvenience), but a large percentage of people do that with their wi-fi (since most of the time they don't even notice, and it doesn't cost them anything).

Re:Car analogy (1)

Ngarrang (1023425) | more than 6 years ago | (#21985540)

But, a lot of people DO leave their cars unlocked with the keys inside. Ever pull up to a gas station and find a running car...but no one is in it? It just all depends on where you live. In some places, it is quite safe to leave everything unlocked.

Yeah! But firmware and software changes would help (5, Interesting)

presidenteloco (659168) | more than 6 years ago | (#21984956)



1. Clients (laptops) default installed wifi software (hint: Steve Jobs are you reading???) need a scanning
mode which does not waste my time telling me about all the password or mac-address locked wifi
basestations, and only advises me about open ones.

2. Basestation/routers need a simple-to-configure mode where they will let others into a separate
subnet that goes straight out to the Internet but does not see my home computers directly.

3. (Brain software/mindset change.) Americans need to stop reflexively calling sharing 'stealing'.
You've been trained into this terminology by those who have already stolen everything and don't
want you to get it back.

Encrypted private *and* unencrypted open wi-fi (1)

crow (16139) | more than 6 years ago | (#21985026)

So for point 2, you want encrypted wi-fi for your home systems and open unencrypted wi-fi for guests. Is that even possible without two separate access points?

Re:Encrypted private *and* unencrypted open wi-fi (3, Informative)

Constantine XVI (880691) | more than 6 years ago | (#21985236)

Actually, yes it is. DD-WRT (http://dd-wrt.com/ [dd-wrt.com] ) has a feature that lets you put out a second (up to 4 IIRC) SSID with separate security and etc. It's only available in the RCs at the moment (and broken in RC6, but working in RC5).

Re:Encrypted private *and* unencrypted open wi-fi (1)

inviolet (797804) | more than 6 years ago | (#21985274)

So for point 2, you want encrypted wi-fi for your home systems and open unencrypted wi-fi for guests. Is that even possible without two separate access points?

Some of the newer APs have it built-in. Or you can do it by cascading two older, cheaper APs, like this [slashdot.org] .

Re:Encrypted private *and* unencrypted open wi-fi (0)

Anonymous Coward | more than 6 years ago | (#21985290)

ON linux...actually im not sure how well linux wifi boxes work, but if a normal AP can offer WPA1 & WPA2 (even using tkip for 1 and AES for the other), im sure that technically hosting an open and closed network is possible, so its just down to software to make it possible.

btw, do WEP networks count as open? I mean if you leave your front door open your inviting neighbours round even if you do close your gate.

Re:Encrypted private *and* unencrypted open wi-fi (0)

Anonymous Coward | more than 6 years ago | (#21985390)

It would require special firmware, but there's nothing preventing it the hardware side. The router just negotiates various connections, and internally decides how to filter them.

It would be a really great mode to have on routers: they should internally run two sub-nets. One encrypted (that can the see physically wired LAN, too), and one completely open (that can't access the LAN, and can only access the internet).

The router should also prioritize traffic on the LAN/encrypted-wifi over any traffic over the open access connection. That way wifi is available to guests (and even neighbors, if they need it) without it actually reducing your own network speeds. Frankly I wish that all routers worked this way (and shipped with it active by default): it would be awesome to be able to grab a wifi signal when needed, no matter where you were...

Re:Encrypted private *and* unencrypted open wi-fi (1)

cheater512 (783349) | more than 6 years ago | (#21985604)

There is nothing *technically* stopping you as long as both use the same channel.

Its just up to the firmware of the device which determines what it can do.
There certainly are some which can do it without much hacking.

Re:Yeah! But firmware and software changes would h (1)

Zenaku (821866) | more than 6 years ago | (#21985240)

I'd like to amend your number 1 -- I want a scanning mode that doesn't waste my time telling me about all the encrypted or mac-address locked networks, and also doesn't waste my time telling me about the "open" networks that don't actually give me any access until I open a browser, try to load a URL and get redirected to their own little page where I have to log in with a code to show that I've paid for a 24 hour pass or some shit.

I'm not saying nobody should offer such paid public access points, just that I'm sick of having no way to know that they aren't really open without trying them.

Re:Yeah! But firmware and software changes would h (0)

Anonymous Coward | more than 6 years ago | (#21985264)

Americans need to stop reflexively calling sharing 'stealing'.
Hate to break it to you, but forced "sharing" without the owner's permission is stealing...

Re:Yeah! But firmware and software changes would h (1)

teh kurisu (701097) | more than 6 years ago | (#21985316)

2. Basestation/routers need a simple-to-configure mode where they will let others into a separate subnet that goes straight out to the Internet but does not see my home computers directly.

++

3. (Brain software/mindset change.) Americans need to stop reflexively calling sharing 'stealing'. You've been trained into this terminology by those who have already stolen everything and don't want you to get it back.

Sharing WiFi is fundamentally different from sharing copyrighted material. I don't get why people have an issue with it. If you clearly mark your SSID with something like 'FreeWiFi' there's not even a legal or ethical problem in using it.

Re:Yeah! But firmware and software changes would h (1)

SuperBanana (662181) | more than 6 years ago | (#21985574)

1. Clients (laptops) default installed wifi software (hint: Steve Jobs are you reading???) need a scanning mode which does not waste my time telling me about all the password or mac-address locked wifi basestations, and only advises me about open ones.

Leopard shows padlock icons next to locked networks. For at least two prior major OS revisions, you have the option to be told about open networks, and/or join them automatically.

Do you have any idea how much of a problem this is for IT people dealing with laptop-equipped employees, both from a security standpoint and a troubleshooting standpoint? (BTDT. User could not send mail half the time. Turns out his laptop was alternating between his network and his neighbor's. The neighbor's blocked outgoing SMTP.)

3. (Brain software/mindset change.) Americans need to stop reflexively calling sharing 'stealing'. You've been trained into this terminology by those who have already stolen everything and don't want you to get it back.

No, nerds need to stop reflexively assuming that common law doesn't apply to them. I remember 10 years ago listening to people justify [running exploits against / breaking into] computers they don't own, in ways eerily similar to how people justify using access points that do not belong to them that are connected to private networks that don't belong to them, which are connected to the internet via connections paid by someone other than them.

If I hand you the key to my car, that's "sharing". If I tell you "the key is on top of the left front tire, feel free to borrow it tomorrow", that's "sharing."

If I leave it in my driveway with the key in the ignition and the doors unlocked, that is stealing. And if you walk in my front door, your ass is still going to jail.

Re:Yeah! But firmware and software changes would h (1)

kwerle (39371) | more than 6 years ago | (#21985600)

1. Clients (laptops) default installed wifi software (hint: Steve Jobs are you reading???) need a scanning
mode which does not waste my time telling me about all the password or mac-address locked wifi
basestations, and only advises me about open ones.


You need to upgrade to leopard. It shows a little lock next to the names of locked down wifi.

Ethics by analogy (4, Insightful)

crow (16139) | more than 6 years ago | (#21984960)

This is an ethics by analogy situation. Everyone arguing over whether it is right to use unsecured wi-fi connections bases their arguments on analogies, and depending on the analogy, reaches a different conclusion.

As I see it, if someone left their wi-fi open, then either it was intentional, or they're too clueless to notice (or care) that I'm reading my email.

Re:Ethics by analogy (1)

ProteusQ (665382) | more than 6 years ago | (#21984992)

if someone left their wi-fi open, then either it was intentional, or they're too clueless to notice (or care) that I'm reading my email.


In my case, it's the first reason. Why not be generous sometimes?

Re:Ethics by analogy (4, Insightful)

plague3106 (71849) | more than 6 years ago | (#21985244)

Fine. Go to said person and tell them "your network is not secured, so I'm using it to read my mail." Tell me if they care or not then. Seriously, just because someone doesn't know their WiFi is not secured doesn't mean they won't care that you're using. They just don't know.

Re:Ethics by analogy (1)

SCHecklerX (229973) | more than 6 years ago | (#21985446)

How is using something that your laptop connects to without any effort an analogy? If you don't want to share your connection, even just turning off broadcasting will stop legitimate clients from using you automatically (but if you took the effort to do that, you likely enabled privacy settings too).

It's pretty bad when I sit in my living room, forgetting that my 802.11 configuration was for'any' SSID and swear about WTH can't I get to my local servers? :-)

Re:Ethics by analogy (1)

hernyo (770695) | more than 6 years ago | (#21985464)

The problem is that not all people know how to set up their router; most of them don't even know that others can connect to their network. Most people know nothing about their computer, their connection, they just want to click the mouse and see youtube on the screen. They might even not know that they have a router, or the router has wifi. Or, probably, "what the heck is wifi"??

Insecure WiFi (1)

gnarlyhotep (872433) | more than 6 years ago | (#21984998)

Just get it a bigger antenna, it'll feel much better compared to wired networks in no time.

"Insecured" Wi-Fi (4, Funny)

wcrowe (94389) | more than 6 years ago | (#21985014)

"Insecure?". Yeah, nobody wants a clingy Wi-Fi.

Usually not stealing (3, Interesting)

totallygeek (263191) | more than 6 years ago | (#21985040)

Another side to this is to consider that some people may actually allow access. I used to. I had an SSID of JUMPONFREE. I did this for two reasons: one to give Internet access to people in my apartment complex if they did not want to pay for it themselves, and two because I incorporated transparent proxying and compiled lists of visited sites (as well as port mirroring on the switch to track protocol usage). You don't have to concern yourself with abusers if you set up traffic priorities and/or bandwidth limiters. I am not alone, as I have seen many cleverly named SSID's indicating the owner is not just some non-configuring noob, but rather someone that cares enough to share.

Re:Usually not stealing (5, Insightful)

zappepcs (820751) | more than 6 years ago | (#21985448)

Not only might you want to give away unused bandwidth, but look at the reasons people are telling us we should not give it away:

- You might be blamed for illegal file sharing or spamming
- You might be held legally responsible for what other do
- You might be the victim of malicious users
- You might.... nevermind, all the reasons are to protect you from people who would sue you. What does that say about the world?

Lets throw some other analogies out there:

You shouldn't stop to help a stranded motorist because they might attack you or kill you
You shouldn't give people advice because they might sue you for using it badly (lawyers & doctors)
You shouldn't leave objects in your lawn in case someone trips and sues you
you.... getting the picture?

You are NO LONGER free to do as you wish with what is yours because other people control what you do, either directly, or indirectly as a consequence of fear of what they MIGHT do. If gun makers are not responsible for what people do with the products they make, you should NOT be responsible for what people do with the bandwidth you gave them to use.

If we can be held responsible for what happens across our open APs, then the ISP can be held responsible for what goes across its network.

In the end, common sense and reasonable thought dictate that the person who does the spamming or file sharing is responsible. If you leave a gardening tool in your lawn, and a person trips on it and hurts themselves, who is at fault? If you put a bench in your yard where people can sit and rest and some kid pushes another who then falls and cuts his head on the bench, who is at fault?

I know those don't fit perfectly, but the point is that just because you helped to create something, you are NOT responsible for the use of it. Leaving your car unlocked is a good analogy: if someone takes it, they are stealing, and just because you did not do all that you could do to prevent them from taking it does not change the fact that they stole it.

In another thought, holding the AP owner responsible is like trying to treat them as network security experts under the law. Insurance companies, police departments, all sorts of people work to inform you how to stop someone from stealing your property but does anyone do public service announcements to tell you how to stop people from stealing your bandwidth? Can you get insurance to protect you from bandwidth theft? or to compensate you when the **AA are suing you?

Is a bus driver culpable if he drives the bus that a bank robber used to get to the bank he robbed?

This goes on and on, but the point of holding you responsible for what others do with something you gave them (without the intent of doing so for malicious or nefarious reasons) has been proven in court already. Gun makers are not responsible for any deaths that happen from use of their products. Game over.

The flaw in Schneire's logic. (4, Insightful)

Vellmont (569020) | more than 6 years ago | (#21985062)

Everything Schneire says is true.. for Bruce Schneire. Not everyone is as adept as he is in configuring a computer to be secure. I'm OK, but I'm likely not vigilant enough to keep everything as secure as it should be (and thus I have WPA encryption on in my wireless network). The vast majority of the public is just plain terrible, and has no clue how to configure their computers to be secure in an open network.

Securing your wireless network with encryption isn't like flipping a switch, but it's a HELL of a lot easier and more accessible than knowing how to secure each and every device accessible on your network. Having ONE point of entry and configuring that properly is a lot easier to maintain than having multiple, different, changing points that take continued vigilance to remain secure. Is it better to keep each device secure on any network? Sure.. but how many people have the time, patience, knowledge, and ability to do that? Not many.

Re:The flaw in Schneire's logic. (1)

GrenDel Fuego (2558) | more than 6 years ago | (#21985216)

Yeah, that is my biggest concern here. In a perfect world everyone would secure their systems (or vendors would design systems securely) so that being on the local LAN did not grant any special privileges. But with that not being the case an open wireless network lets people access the files you accidentally shared out, compromise the system you forgot to patch or sniff your e-mail that you never setup SSL/TLS for.

Re:The flaw in Schneire's logic. (0)

Anonymous Coward | more than 6 years ago | (#21985422)

There's a deeper flaw, not to mention one which he'll very likely encounter in the case that he ever run into the situation from a legal standpoint. Quoting his blog:

And yes, if someone did commit a crime using my network the police might visit, but what better defense is there than the fact that I have an open wireless network? If I enabled wireless security on my network and someone hacked it, I would have a far harder time proving my innocence.

Plausible deniability DOES NOT WORK IN COURT. Try the recent arrest of a German Tor server operator [cnet.com] . That "I don't keep logs!" sure helped his case; he still was apprehended and taken down to the station, despite the police later letting him go. This will very likely keep happening over and over and over until finally the operator says "Is this really worth it? I spend 2 days a week at the police station, it's impacting my day job, tainting my resume, etc."

Another example is open relays and spammers. Back in 2002, Verio (ISP) shut off John Gilmore's internet access [toad.com] because he was *knowingly* running an open relay. Feigning innocence didn't help his defence any; and although I do respect what Gilmore was doing (in the sense that the Internet at one point had no concept of open/closed relay, because spam wasn't a problem) and I understand his logic, he still has to be held liable for what packets go out of his network.

The exact same logic applies here. Therefore, the instant someone does use Schneire's 802.11 network for deviant purposes and the cops show up, he *will* be going down to the station, he *will* need a lawyer, and he ABSOLUTELY will be held responsible for what goes out from his network. And although I hate 802.11's retarded security-through-absolute-annoyance implementation (WEP64, WEP128, WPA, WPA2, WUtterFuckingShitPack), and would much rather run an open wireless network myself *solely for the CONVENIENCE*, I can't -- and won't.

Re:The flaw in Schneire's logic. (1)

Reader X (906979) | more than 6 years ago | (#21985562)

I'm sure he can secure his computer, but I wonder how well he can detect man-in-the-middle attacks.

He's being an idiot. (4, Insightful)

Anonymous Coward | more than 6 years ago | (#21985090)

That's just inviting trouble.

If "Something Bad" were to happen from your IP address, there -will- be a knock at your front door in the early morning. Trust me.

"Something" happened to my personal email server several years ago, and I had federal agents at my front door at 1am. I don't know what the heck happened - they wouldn't give me any details - but they seized my email server, and every computer in my household, even though their search warrant was only for the server. You don't tell them "no" - all that means is that they wait for the search warrant to be signed, and THEN they wreck your place searching. Much better for everyone involved to be cooperative.

Cost me thousands of dollars in a retainer fee to a lawyer, I had to take a polygraph exam, and it took almost 2 years to get all my "stuff" back. That was 2 years where I was fearful for my job, worried about keeping my family afloat, worried about just about everything. My wife lost ALL of her graduate school work, and had to re-do most of it to turn in her final portfolio. Talk about miserable.

And I STILL have no idea what that "Something Bad" was. And it didn't even happen at my house - it happened at my hosting ISP where the email server lived. It didn't matter that *I* didn't do it. I still had MY stuff taken from my, *I* still had to go take the polygraph exam, and *I* was still on the hook for 2 years.

So yeah - keeping an open wireless network is just ASKING for trouble. If you want to deal with federal agents in the middle of the night, well, be my guest. You can talk the talk about how you'd tell them to go away, and how they'd have no proof, etc. etc., but unless you've been there, you have no idea what you're in for.

Trust me.

FON and Co (5, Interesting)

PhillC (84728) | more than 6 years ago | (#21985102)

There are already a number of organisations/initiatives around that actively encourage you to purchase their wireless routing products and then open up access to everyone.

I'm a member of FON [fon.com] , which allows you to allocate a specific amount of bandwidth for sharing if you're using one of their routers - say 1MB of your 8MB ADSL, which neatly overcomes the first poster's issue of not having enough bandwidth for their own nefarious purposes. After being a member of FON for 12 months they actually sent me three free wireless routers at Christmas, which I gave away to friends hoping that they too will join and share bandwidth.

There's another company I heard about, US based, that does something similar, but I can't think of their name right now.

However, I wonder about my ISP's stance regarding sharing WiFi for free with others. Does it violate their Ts&Cs? Do I care enough to actually find out? No!

Re:FON and Co (1)

PhillC (84728) | more than 6 years ago | (#21985426)

Meraki [meraki.com] is the other company I was thinking of. Like FON, they supply wireless hardware with the express aim of you sharing your connection. The Meraki stuff looks quite good too in terms of having an extended connectivity range.

unsecured wifi preferred (1)

ChrisThilges (1216808) | more than 6 years ago | (#21985106)

unsecured wifi preferred!!! secure wifi provides little to no security and is at best an inconvenience to encourage users to buy their own overpriced internet connection

Need help Here (1)

Sanat (702) | more than 6 years ago | (#21985126)

BS writes:

"The accused's chance of winning is higher than in a criminal case, because in civil litigation the burden of proof is lower. "

I am having a hard time parsing this sentence. Should it be "accuser's" rather than "accused's" or have I just got a mental blank about this sentence. Maybe change "winning" to "losing".

Re:Need help Here (1)

mcmonkey (96054) | more than 6 years ago | (#21985618)

"The accused's chance of winning is higher than in a criminal case, because in civil litigation the burden of proof is lower."

If you go to court accused to downloading something bad, you have a better chance of winning (not guilty) in criminal court. The burden of proof is lower is civil litigation. Think OJ--not convicted of murder in criminal court, but still found libel in civil.

Correct my if I'm wrong (4, Interesting)

Seakip18 (1106315) | more than 6 years ago | (#21985178)

But I thought the best way to browse securely was have all traffic sent to your home server, encrypt it, and forward to the laptop. This was because you assume your home network is inherently more secure. With is approach, you are leaving your home network, including your significant others, at risk. Especially those who are not savvy enough to apply updates and maintain anti-virus.

While I understand the anonymity helps his secure network stand out, all those open networks are just waiting for a guy with a little time and knowhow to start doing many bad things, say, man-in-the-middle. Just because you are blending into the pack does not keep the lions from eating one of you.

Now then, it IS his network at home, so he can do whatever the heck he feels like. And I do understand his social aspects of looking at WiFi as another resource for the public. But that does not free you from liability regardless of how little or insignificant it may be or stupidly enforced.

To me, it sounds like he doesn't want to roll up his sleeves and do some dirty work with port-forwarding, SSH-ing, and proxying. With those, you can enjoy quite decent browsing while away AND understand that your weakest point is at home.

On an unrelated note, where does this guy live?

My printer means "Closed Network" (1)

nweaver (113078) | more than 6 years ago | (#21985184)

I use WPA. Why? Because on my parents network, they want to use file sharing between their desktop and their laptop. On both mine and my parents, there are networked printers.

But I write down the password on the router, and anyone who visits in person is welcome to use it.

Does Bruce not use a home printer? Share files between home computers?

What about the dumb admin/admin defaults? (1)

Besna (1175279) | more than 6 years ago | (#21985220)

Would it kill them to generate a random password and put it on the router? I love how you can muck with their settings remotely. Lock them out so you have more bandwidth!

I am a Sharer (1)

RobBebop (947356) | more than 6 years ago | (#21985230)

For several years, I ran an open connection. Nothing bad happened. I doubt anybody used it, because it was in an apartment complex with mostly older, non-tech savvy individuals. But it was there.

I have since moved, and found an open network in my area. I browse, chat, e-mail, do occasional software updates, and occasionally download free music [jamendo.com] . I stream a Sirius radio audio connection from time to time, but that is low bandwidth. No streams of pirated movies. No infinite queues of warez or copyright infringing music. No password sniffers. Not even a packet sniffer to see what else is going on.

I protect myself by keeping a close eye on all of my accounts (and keeping the list of accounts that are important to me SHORT).

Meanwhile, the sharing provides me with enough personal entertainment to make me justify to myself NOT paying for cable TV (I have an antenna, but the signal is mediocre). But that fact is good too, because it gives me more of an incentive to visit friends when there is actually something on TV that I want to watch.

So, yeah. Agree with Bruce. Stealing/sharing Wifi is the way to go!

And the guy who compared using an Open Wifi connection to downloading a mp3 that infringes on a copyright is an idiot. The Wifi connect is not a creative work which an artist created. It is a service/utility. The fact that it can be trivially shared (unlike phone, heat, or electricity) is a bonus.

If advertised as open... (1)

dazedNconfuzed (154242) | more than 6 years ago | (#21985262)

If you've got a router broadcasting to the world "I'm here! I'm open! I'm free!" and handing out DCHP IP addresses on request, using it ain't "stealing".

Kinda like having a doorman shouting "C'mon in!" to passers-by and handing full-access visitor ID cards to anyone who walks in.

Scary thing is... (1)

Harliquin_Fool (966363) | more than 6 years ago | (#21985266)

I know certain other geeks who run around looking for unsecured wifi access ports and use them as they are driving. its weird how many people do not have a secure access point. one of my friends even has a tie that buzzes when he is around an unsecured access point...its rather creepy and funny at the same time. also, for those in the superspy business, http://www.thinkgeek.com/gadgets/watches/9313/ [thinkgeek.com] has a watch that can detect wifi points...perfect for the discrete wifi thief

Dorm room fun with others wifi (1)

psychicsword (1036852) | more than 6 years ago | (#21985280)

In my college dorms when we see an unencrypted network with the basic "Netgear" or similar SSID we hop on it change the password and encrypt it and set the SSID to "Dumbass" after using it for bittorrent for a while of course. It will last like that for a few days until they realize they forgot the finish setting up the network. Most people now have their's fully encrypted and passworded with the SSID not broadcasting.

Hardly stealing in most cases (1)

SCHecklerX (229973) | more than 6 years ago | (#21985360)

I mean, with windoze (and linux, if you set it up that way) automatically associating with any open AP that advertises, is it really stealing?

In my neighborhood, there are a number of 'belkin54' and 'linksys' APs advertising default SSIDs and networks with no privacy settings.

Now, if you log in to the device (which likely has a default password too), and change any setting, that is definitely tresspass (despite the utter lack of security). But as far as just using it goes? How can you be accused of stealing something when it is automatically just given to you when you turn your laptop on with no nefarious action whatsoever on your part? Breaking WEP keys, although easy, would be IMHO stealing. Using a wide open AP that not only allows you to connect, but encourages it? I don't think so.

he says "it's basic politeness" - rubbish! (1)

petes_PoV (912422) | more than 6 years ago | (#21985378)

In the article the guy says it's just like providing heat and light to guests. Fine, why not give them all your money, too. Why not take the fall when your "guests" are pulled for speeding, or online fraud?

By providing free internet access, you are effectively saying that it's OK for someone you don't know to commit crime and to have no defence when the cops come knocking on your door. The "it wasn't me, it was someone else" defence stopped being credible years ago and could easily wind up with the freebe provider getting the blame for other poeple's criminal activity.

He says that he doesn't think "there's much of a risk". Ha!, let's see how far his "good manners" get him in jail!

Peace and Happiness (0)

Anonymous Coward | more than 6 years ago | (#21985576)

Stealing wi-fi is good and it will make the world a happier, greener place.

He's right when he says it's a trade off (2, Insightful)

joebagodonuts (561066) | more than 6 years ago | (#21985586)

"Security is always a trade-off. I know people who rarely lock their front door, who drive in the rain (and, while using a cellphone) and who talk to strangers..."

Plenty of people worried; "Oh someone might download kiddie porn and I would get blamed", "Oh, someone steals my information", "Oh, someone might download riaa music..."

If you walk around in fear of things that never happen to you, then by all means, lock your stuff down - even better, stay off the net entirely! Then maybe you'll feel safe. Oh wait, you don't want to feel safe, you want to be afraid and worry.

"This happens everywhere/all the time" - is a dangerous mindset when watching TV (or surfing /.)!

Don't steal my sound waves (0)

Anonymous Coward | more than 6 years ago | (#21985612)

Like my Wi-Fi which I PAY FOR, I am also a good Canadian Citizen and I buy all of my music. When I am outside shoveling the snow listening to my music I don't want any of you listening to it. I paid for it damn-it, and it really pisses me off to see people walking down the street past my house and stopping to listen to the music that they didn't pay for.

OK so the music thing doesn't make sense, neither does the open wi-fi argument. If there is no security on wi-fi then it is OPEN, and using it is not stealing unless you have to trespass to get it. However as soon as there is some sort of security on it, even if it is a stupid password like 'asdf' then cracking the password and using it is theft.

Just dont leave it open (0)

Anonymous Coward | more than 6 years ago | (#21985624)

In a college town.

If somehow my router got reset by one of my roommates and was then unprotected for a short time, eventually my network would slow down to a standstill from all the people trying to download crap through my connection.

At my house in Suburbia, I agree there is no problem at all.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...