back to article More remote workers squatting next door's broadband

The number of workers in the UK who admitted they "hijack" the wireless connection of others has gone up from six per cent to 11 per cent over the last 12 months. Globally the figure is 12 per cent*, with big increases all over the world. That's among the findings of the second annual survey of remote working commissioned by …

COMMENTS

This topic is closed for new posts.
  1. Senor Beavis
    Unhappy

    Illegal in the UK

    Goodness knows I'm not a law pedant, however I remember some poor sod was prosecuted for using the free WiFi connection of an internet cafe from outside. If I recollect correctly, it constituted tresspass. If the luckless soul had bought a coffee before doing exactly the same thing, he'd have been fine.

    Point is: just because it's free, unsecured (or still on default passwords, natch), you're not supposed to hook up without the consent of the WiFi owner. It's bad, m'kay?

  2. Stu Pid

    Genius

    My neighbour doesn't know so it's OK

    Fantastic, I'll use that one when sleeping with my neighbours wife!

  3. Anonymous Coward
    Anonymous Coward

    lol

    if your neighbour is too thick to secure its wireless connection then it doesn't deserve to have a wireless connection.

    End of story.

  4. Adam Williamson
    Paris Hilton

    Wireless security stories

    I'm sure there'll be a lot, but here's mine.

    I was making some tweaks to my wireless router configuration the other day. Half-way through, I was logging into the admin interface once more when suddenly my password stopped working. After a couple of attempts, I thought "well, maybe somehow the router got screwed up and reset itself to factory settings", so I tried the factory default username and password, and it worked.

    It was only once I'd logged in and was about to start rejigging the settings that I realized I wasn't logged in to my router at all. Mine was working fine, but during the seconds it was down, my wireless card had automatically associated with the AP of someone else nearby. Yep, they're running without any encryption and using the factory username / password. Sigh.

    Use of Paris icon ought to be obvious...

  5. Robert Long
    Heart

    Call me an old socialist but..

    Frankly, if I can set outsiders to have a lower priority than my own traffic then I'm happy for them to use my spare bandwidth. Why not?

  6. Brian Miller

    Probably not a security risk

    Simply using someone's open WiFi connection really isn't a security risk. Hopefully the company's IT is dilligent enough to put or require anti-malware on the machine, and the VPN connection won't have a problem.

    What would be a problem is if the worker's machine doesn't have any, or badly configured, filewall or anti-malware. The neighbor's machine could be infected, and then it could infect the worker's machine. But if the worker's machine is misconfigured, it would be infected any time it connected to a public network.

  7. Anonymous Coward
    Anonymous Coward

    Really bad excuses

    What's the bet that the "I can't tell if I'm using my own or my neighbour's wireless connection" excuse came from someone working in the IT sector?

    Secondary to using someone else's wifi connection to do illegal stuff online and hence have any blame pointed to the unwitting wifi router owner, the main consequence to someone jacking in to your internet connection is bandwidth usage, if you're on a low GB/month service then there's a chance the jacker could tip you over the edge which would either cost you in the wallet or the connection speed depending on the ISP's bandwidth usage policy.

    Ok this probably sounds somewhat hypocritical but I do have access to my neighbours wifi net access but have only used it when my own ADSL connection is for some reason or another screwed (a rarity), and only then used it minimally, very light webbrowsing & email - no file downloading or the likes of youtube because I know they don't have unlimited connections.

  8. Anonymous Coward
    Paris Hilton

    Another reason that

    "remote workers feel less urgency to be vigilant in their online behavior" is that the companies for which they work have often introduced draconian and unnecessary security protocols, which IT professionals feel insulted by.

    When they feel insulted, they tend to simply bypass the security when they can. If you treat them as kids, they'll behave as kids. If you insist on them having 20 passwords and changing them all once a month, you shouldn't be surprised that they write them down.

    By all means lock down advanced features for those who are simply using a computer as a dumb terminal, but for those of whose who need to use our machines as computers (yes, some of us really do!), it would be nice if our managers could give us some credit for knowing best how to do our jobs, rather than just spending their time trying to cover their backsides. It's interesting how often these people need full use of their computers to knock up a few spreadsheets, but they expect me to write complex software with a crippled dinosaur.

    Paris, because she's a walking dumb terminal.

  9. Michael Martin

    Rationalizing bandwidth theft

    Fortunately, as long as you don't saturate someone else's wifi (and as long as you don't put such a drain on it that you overrun their hidden download cap), you aren't doing any damage. I tend to justify my use of other people's wifi by having a public access point for when people are in a bind and -my- wifi is the convenient one.

    Although I make sure my computers on the network are locked up tight, and the e-mail port is blocked to prevent spamming from my IP address... and if someone -does- saturate my wifi for any length of time, their MAC gets banned.

    I can force others to be fairly conscientious when using my access point, but I'm the one forcing myself to be conscientious when I'm out and about. Those who 'borrow' others' wifi should all behave similarly so the public service doesn't disappear. If it's permitted, it's not theft!

  10. Martin Usher

    What a load of C**p!

    Its like this story gets planted at regular intervals for a specific purpose -- the language is the giveaway. Users are "hijacking" a neighbor's connection, remote workers are "unconcerned" about security and so on. We, as technical people, should treat this article with the contempt it deserves.

    First up, if you don't want your AP to be used by the public, secure it. Some people like the idea of offering connectivity, some don't. The choice is theirs.

    Secondly, if you're a remote worker then you're almost certainly using a VPN. If you're using a Windows computer (probably) then the thing should be equipped with decent anti-virus and firewall software to keep probing code out. The VPN should deal with keeping work data confidential.

    Thirdly, it is possible for random computers to accidentally connect to a neighbor's connection. It happened to me once with a lab system which, by its nature, was just a 'pure' XP release. It caught a virus in about 20 seconds. I learned my lesson.

  11. Adam Williamson

    Robert Long

    Ultimately it'd bankrupt all the ISPs.

    Given current technology they can only provide people with a 10mbit connection for 25 quid a month or whatever on the basis that they don't actually use it all the time. No ISP has anywhere near enough backhaul for all the connections it provides to actually be 100% (or even 20%, really...) utilized at once.

    If everyone was sharing everyone else's internet connection, the ISPs would see their revenues decrease and their usage increase, simultaneously and significantly. Result: massively degraded connections and ISPs with no money to upgrade the backhaul.

    It's not that a system where there were far fewer points of connection direct to the ISP couldn't work out for all parties concerned - but it'd require a much more sensible transition strategy than "let's all buy a wifi card and cancel our DSL contract". In the same way as shared apartment buildings can get bulk deals for cable TV, it would certainly be possible to build a system on this model, but doing it on the basis of half a neighborhood sharing one 30 quid a month connection is just not going to work.

    Given that, if too many people start sharing their connections intentionally, ISPs are going to start using draconian and annoying measures (MAC restrictions, black box routers and the like) to stop people doing it, which isn't ultimately in anyone's best interest. They will *have* to do this to stay in business. Of course, they'll do it earlier and far more drastically than they strictly need to, because all big businesses are fundamentally like that - see, I'm a good old socialist too.

    Actually I'd quite like the idea of a system where you only need one connection back to the ISP per, say, 50 people, and the cost of that connection is shared out among the people. Cuts down a lot on infrastructure; it's as fundamentally wasteful to have 100 ADSL modems in one block of flats as it is to have 100 satellite dishes. But you'd have to really design the system that way for it to be viable.

  12. Matt
    Paris Hilton

    The Neighbour's wireless

    I went out to someone the other week to fix their Wireless Internet problem, when I asked them who provided their service, they looked at me blankly. Next I asked to see their wireless router, but they didn't have a clue what I meant. Turns out that they'd bought a laptop a year ago and assumed that their neighbour's wireless was 'just the wireless Internet that came with the laptop'. I'd already fixed the neighbour's computer and added WPA security a few days before. Needless to say, she was not happy that I advised her to start paying for an ISP instead of "sorting out the fault"...

  13. Mark
    Thumb Down

    Re: Rationalizing bandwidth theft

    So your router only has so many 1's and 0's and they are a scarce resource?

    No.

    About the only way this could be "bandwidth theft" is if the owner of the link didn't want to share and was limited in their download capacity. If they weren't using it at the time, it made no difference to them.

    But if being unable to access the internet by the owner is to be considered "theft", then when the network is down, that is theft of service by the ISP. If using up the download cap is theft, then throwing away any unused download cap is theft by the ISP.

    You sure you want to go there?

    If you don't want to share, close your network.

    If you can't, pay someone to do so or get legislation that any AP must default to closed and you must configure it open. Have the password/key printed on the device in the same way as the Mac address is printed on network cards and devices.

    If someone comes through even the weak WEP protocol, they KNOW they broke in.

  14. Anonymous Coward
    Happy

    remins me of a support call a couple of weeks ago....

    Usr phones up my colleague, he's "visiting family" for the weekend and needs help getting on their wireless using his works laptop.

    After about 5 minutes of talking him through it we ask him what the network id is

    "No idea, its not mine"

    "OK go as the family member who set it up and get the wireless key as well"

    "Oh right, theres a couple of networks showing up here"

    "Yes but you'll still need the key"

    "But they aren't around just now, can't i just connect to someone elses?"

    He called back 4 times over the next hour and a half trying to convince someone to talk him through jumping onto next doors network - we didnt break it to him there were only 2 of us on that afternoon.....

  15. Mark
    Boffin

    @Adam Williamson

    I did some checking.

    An OC3 pipe (155Mbps) costs about $5000 a month (US figures, but if it's £5000 we're getting ripped off badly).

    Most places that are confident enough to print contention ratios show 50:1.

    Since ADSL doesn't seem to be able to get many people 8Mbps, we'll make the maths easier and call it 5Mbps.

    So that's 31 5Mbps connections with each connection given to 50 people. Call it 1500 users. That's about $3.50 each. £2. Even 20Mbps comes to £8. A month.

    I've also heard that bulk transport rates across backbone is about $0.06/GB. 3p a gigabyte.

    OK you have to pay the workers at the ISP, the routers etc. But that's a fixed cost and doesn't increase with the bandwidth they use. And much of that is because they spend a lot of time trying to stop people using it.

    If you've got UK figures, put them here.

    But it doesn't look like £20pcm is in danger of a loss if they double capacity for an extra £2pcm loss of profit...

  16. Mark

    @Stu Pid

    Presumably the woman knows, Stu.

    If she's OK with it, then there's nothing illegal. If the bloke kicks the crap out of you for it, that's assault.

    If she ISN'T OK with it, then that's called rape.

    Green?

  17. Anonymous Coward
    Pirate

    A possible solution

    fon.com

    or if you're on BT Broadband

    btfon.com

  18. steogede
    Paris Hilton

    @Stu Pid

    >> My neighbour doesn't know so it's OK

    >>

    >> Fantastic, I'll use that one when sleeping with my neighbours wife!

    If he is as good at securing his wife as he is his WiFi - you best not forget your rubberwall.

    BTW John Leyden - "Thou shalt not covet thy neighbour's Wi-Fi" Lester Haines must be spitting

  19. Anonymous Coward
    Pirate

    Wires...

    ...hard cold solid fixed wire networks. Do not mess with the evil wifi demons!

  20. Simon
    Alert

    I don't see how it's illegal.

    My computer asks their router if it's okay to connect. Their router either says yes, come on in, or no give me a wep key (or just straight out no).

    As long as their router is configured to say yes please use me it can't possibly be theft.

    If you come to my house and knock on my door and I say come in, and you come in, is that tresspassing? I don't think so...

  21. Adam Williamson

    @Mark

    Well, er, you're sort of missing the point. You're factoring in a contention ratio of 50:1. The contention ratio is the whole *point* of my post. That's what I mean when I say "No ISP has anywhere near enough backhaul for all the connections it provides to actually be 100% (or even 20%, really...) utilized at once." That's the whole reason contention ratios work - because not everyone uses their connection at full speed all the time.

    The whole point of my post is that if lots of people share a smaller number of connections (rather than one person per connection, or only a single household per connection), those contention ratios just aren't going to work any more.

  22. Tim Bates
    Thumb Up

    Free for all

    I'm with Michael Martin and Robert Long... At the moment we don't actually have our wireless open for all, but I plan to by the end of the year (need time to set it up).

    My plan is:

    Open WiFi on broadcast SSID tagged to VLAN 2 (or some other number).

    Private WPA secured non-broadcast SSID on VLAN 1.

    Switches configured to keep open wifi off our LAN.

    Router configured to limit bandwidth and ports available to open wifi users.

    BTW, my APs are HP Procurve 420's. Brilliant devices but expensive unfortunately.

    And yes, this is at home :-)

  23. Anonymous Coward
    Unhappy

    To all those people who think it ISN'T theft or a crime...

    ...if you're in the UK I'm afraid the courts would disagree.

  24. TeeCee Gold badge

    Bollox stats?

    48% admitted to opening dodgy emails. I'm surprised it's this low, done it meself a few times. How many went on, once they'd established the email in question to be dodgy, to actually read it through and open the attachment?

    Thought so......

  25. Jason Clery
    Paris Hilton

    @Simon

    Simon, your example is more like:

    I knock on your door, there is no answer.

    I try the handle, your forgot to lock the door.

    I come in, and take food out of your fridge and make coffee.

    I sit down and watch your telly, and that video tape you made of you and the mrs.

    I leave.

    You are an idiot for not locking your door, but I have still committed trespass and theft.

    The icon is Paris, because of the video tape

  26. IanKRolfe

    @Robert Long

    "Frankly, if I can set outsiders to have a lower priority than my own traffic then I'm happy for them to use my spare bandwidth. Why not?"

    Because when someone parks outside your house and uses your connection to download kiddie porn or surf terrorism sites, do you honestly believe the "unsecured wifi" defence will work in NuLabour Database Britain? All I know is, I'm not the one to be taking that chance.

  27. Pascal Monett Silver badge

    "the internet is becoming safer"

    Oh . . my . . God.

    Anyone who actually believes that should be slapped with a restraining order forbidding him/her to go anywhere near a keyboard or mouse.

    The internet is certainly NOT becoming safer - if only because the skript kiddies of yesteryear have now been replaced by hardened criminals that are intent on getting your money and are ready to do any and everything needed to get there.

    Today's spam is not just a useless nuisance in your mailbox and on the network, there is a very good chance that it is actually a possible trojan that seeks to hook into your computer like a parasite and find your banking details.

    Same thing with dodgy websites.

    Going on the internet is like taking a stroll through the bad part of town at night - in your underwear with your money in hand. If you don't beef up your security measures, you're just begging to get mugged.

  28. Paul van der Lingen

    @ Simon

    Yers.

    but, if you walk up to my house and the door is not locked and you let yourself in, that's trespass. And if you take anything (even if I'm not using it and don't want it) - that's theft.

    Should I have to lock my doors all the time to stop people coming in?

  29. Mark
    Unhappy

    @Adam Williamson

    But the £20 per month would allow 5:1 contention. And if the ISP was expecting people to use no more than 1/50th their connection, they'd see nowt during the day when people are off at work, so a dayworker is using bandwidth that isn't being used.

    See what I'm saying? The cost to handle TWICE the load they have is 10% of the cost they ask of the customer. So halving the problem is cheap.

    But they'd rather claim it was stealing bandwidth so they don't have to pay out.

  30. mr.K

    @Stu Pid

    You should try out the other exuses also when banging your neighbours wife: "It's more convenient than using my 'wife'." or "I can't tell if I'm using my own or my neighbour's 'wife'."

  31. Mark
    Thumb Down

    @Jason Clery

    Jason, how about I walk past your house and your curtains are open. I can see SkyTV Movies Plus being played. Have I now "stolen service" from you or your cable provider?

    Please remember that using WiFi means that you DO NOT have to trespass. Tresspass (as you pointed out in your detailed scenario) requires that I WALK on to your property. Not that I'm near it.

  32. Mark
    Flame

    @Paul van der Lingen

    Paul, if you invite me on your property and then shoot me down for trespass, this is murder (even in Texas).

    Simon was saying that IF YOU SAY "COME IN" it isn't trespass.

    YOU are saying IF YOU DON'T SAY "COME IN" it is trespass.

    See, both of you are right, but you were wrong in implying that Simon was wrong by asking a question.

    Would I be OK saying "Yes, but if I locked you in my house, that would be kidnapping."? 'cos you should be thinking "WTF has locking me in a basement got to do with WiFi?"

  33. Christopher Officer
    Alert

    @senor beavis

    I imagine the law that would be applied isn't trespass but the computer misuse act. If I remember correctly the act makes it an offense to access a computer or network without authorisation.

    In fact here it is:

    http://www.opsi.gov.uk/acts/acts1990/ukpga_19900018_en_1#pb1-l1g1

    1 Unauthorised access to computer material

    (1) A person is guilty of an offence if—

    (a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;

    (b) the access he intends to secure is unauthorised; and

    (c) he knows at the time when he causes the computer to perform the function that that is the case.

    (2) The intent a person has to have to commit an offence under this section need not be directed at—

    (a) any particular program or data;

    (b) a program or data of any particular kind; or

    (c) a program or data held in any particular computer.

    (3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.

  34. Paul Banacks
    Flame

    @ Illegal in the UK...

    That doesn't surprise me. If we don't get rid of this bloody government then at the rate they're making laws it will soon be illegal to breath without a license!

  35. bobbles31
    Paris Hilton

    It is illegal

    Under the computer misuse act, it is illegal to even attempt to gain access to a system that you aren't specifically authorised to use.

    Now then, the part that hasn't been tested in court is the automatic nature of Windows Wifi client (I can't speak for linux or other devices) is that they automatically try to connect to the nearest wireless access point and if it finds an unsecured one will connect to it automatically.

    Unfortunately, the law does not define an open public network in any terms and so this would have to be tested. Although, the chap that was arrested and convicted of stealing his neighbours wifi was convicted under the act. But if I remember correctly he was dealt with particularly harshly because knowing about the act and its implications was a specific part of his daily job.

    Paris because....hey, do I need a reason?

  36. David S
    Joke

    @Jason Clery

    Where'd you find that tape, by the way? We've been looking for it for ages... You could have washed the coffee mug too, y'tinker.

    How about the poor sod living next door to Kylie who keeps hearing her singing in her shower? Does he owe her royalties for the live performance he receives every morning?

  37. Anonymous Coward
    Anonymous Coward

    trespas

    In computer system terms

    Having your wireless name broadcast and unsecured is like leaving your door unlocked and having a tape player hooked up to loud speakers yelling for all those outside to hear -

    "THIS IS MY HOUSE, I AM AWAY, AND MY DOOR IS UNLOCKED - THIS IS MY HOUSE, I AM AWAY, AND MY DOOR IS UNLOCKED - THIS IS MY HOUSE, I AM AWAY, AND MY DOOR IS UNLOCKED"

    And if you do that - you're stupid and deserve to have your house robbed.

  38. mr.K

    @Christopher Officer

    You have to seperate between accessing your neightbours computer through his or hers wi-fi, and to access the internet through your neighbours wi-fi. Those are very seperate issues and as far I can work out, that law only covers the first one.

  39. Jason Clery

    @Mark

    Apples an pears

    "I can see SkyTV Movies Plus being played. Have I now "stolen service" from you or your cable provider?"

    By stealing someone elses internet, its like you changing the channel on the Skybox, or like running a cable from their system to your house. Ask Sky if thats considered theft

  40. Anonymous Coward
    Anonymous Coward

    @Mark, re "UK figures" - look up "BT Central"

    In the UK, the most expensive bit of the picture for most people on most ISPs is the bit between BTwholesale (who provide the "access network" that connects to punters premises) and the ISP's own network (be it AAISP or Zen or anyone in between). There is also an "IPstream line rental" component which is roughly £10/month per line, less if you're in an area where LLU is catching on.

    BTwholesale call this connection between IPstream access network and ISP backbone network the "BT Central", and it is effectively priced per megabit/second, and it is very very very expensive in comparison with ISP bandwidth costs of any other kind.

    The UK LLU ISPs don't have this cost, or indeed the cost of the BT IPstream access rental, hence they can offer "free broadband" (which is usually worth every penny afaict) as part of a bigger locked-in anti-competitive bundle.

    There's lots of background facts on BT Central pricing and the impact of heavy users on (for example) www.adslguide.org.uk in their news section, just search for Central.

    Meanwhile, BT themselves are trying the "share everyone's WiFi" game - I forget what their offering is called.

  41. Simon
    Alert

    I disagree

    >Simon, your example is more like:

    >I knock on your door, there is no answer.

    >I try the handle, your forgot to lock the door.

    >I come in, and take food out of your fridge and make coffee. <snip>

    No it's not. There is an answer. There is a verification process for joining my network, and if I set it up to say come right in, then it's not theft.

    If you break in and plug your computer into my network, THAT is unauthorised because no-one said you could plug your computer in. However with wifi, you are asking if it's permissable. The person is OPENLY advertising they have a network available (They dont HAVE to broadcast their SSID). Using your analogy this would be akin to a sign on the door saying "Welcome!". Even though there is a sign it's not guaranteed they are gonna let you in.

    My wireless network is broadcasting openly, it says Welcome! and then after you step into the door it checks your credentials and says yes or no.

    Consider a library, or a guy that wants to offer his wifi for free to anyone nearby (as people on this very discussion have suggested they do), or any public access point. Isn't it the same?

    Are you suggesting if I open a shop and you walk in I am in my right to arrest you for tresspassing? The shop says Welcome and it's not locked, and being a shop that is advertising its services via a sign on the door you're not exactly going to expect it to be a crime to enter are you?

    As for the case in the UK being a one off I suggest the actual conclusion was somewhat different, or perhaps the guy failed to bring what I have said to light and merely said 'Yeah I went in last week and it said free wifi if you buy a drink and I thought heheheh I'll park outside and use it for free'.

    >Having your wireless name broadcast and unsecured is like leaving your door unlocked and having a tape player hooked up to loud speakers yelling for all those outside to hear -

    >"THIS IS MY HOUSE, I AM AWAY, AND MY DOOR IS UNLOCKED - THIS IS MY HOUSE, I AM AWAY, AND MY DOOR IS UNLOCKED - THIS IS MY HOUSE, I AM AWAY, AND MY DOOR IS UNLOCKED"

    Almost right, I'd actually phrase it as "I AM AWAY, BUT IF YOU WANT TO COME IN JUST ASK AND I WILL LET YOU NO PROBLEM"

    which I cannot see as a crime.

    > Under the computer misuse act, it is illegal to even attempt to gain access to a system that you aren't specifically authorised to use.

    I don't think that applies or how could I visit the register? They never said I could connect to their site but I found their website off a mate... Oh wait, that's right my computer connects, asks if its ok, and I dont get a FORBIDDEN reply so off I go...

    > Jason, how about I walk past your house and your curtains are open. I can see SkyTV Movies Plus being played. Have I now "stolen service" from you or your cable provider?

    If you don't interfere in any way, I don't believe it is theft of his service (it might be illegal for spying though!). In the same way that, if you sit your laptop on listen and listen to any wifi signals it's not illegal, but if you start transmitting then it's akin to shooting your remote control through his window in an attempt to influence his choice of channel.

    > Because when someone parks outside your house and uses your connection to download kiddie porn or surf terrorism sites, do you honestly believe the "unsecured wifi" defence will work in NuLabour Database Britain? All I know is, I'm not the one to be taking that chance.

    Now we hit the law about the guy who ran one of those whatcha callit servers, basically an anonymous proxy. Or even google if you upload kiddie porn and google indexes it. If I use wifi at a library is the library liable for my actions? I don't know how this area of the law works but it's unlikely to cause you any trouble if sharing your connection isn't illegal and you are not deliberately trying to run a child porn ring. You might have some explaining to do mind you!

  42. Anonymous Coward
    Coat

    Ummmm Electronic tresspass?

    I wonder if there is some law against my space (land and mineral rights etc) being infringed by radiation emanating from somebodies WiFi?

    @ David S - Poor sod? I'd love to have Kylie perform in the shower for me in the morning....../ummm I'll get my coat.

  43. Mark

    "access a computer or network without authorisation"

    Aye and when my computer tries to connect through your open AP, my computer asks "can I come in" and your AP authorises it.

    If a human is always required, then security locks in businesses need a lot more guards on them. After all, the only thing that otherwise authorises my access to the restricted area is that my card asks the lock "can I come in" and it says "yes" and unlocks.

  44. Mark

    "apples and pears"

    Jason, if you're at work, you aren't using the internet connection there.

    If you're emailing, you don't need 8Mbps.

    In which case, the person using your connection is using nothing that you are using. In the same way, me watching sky through your window while on the street is using photons you aren't using. If I were standing in your way, that would be different.

    So there ain't no apples and pears, it's all apples.

    What IS an apples and pears situation is your codicil at the end: that requires I walk on to your land, connnect a line to your machine and drag it to my house. That isn't needed in WiFi.

    Oh, and look at my responses earlier regarding "if limiting your ability to use the service is theft, then a network downtime is thefy of service by your ISP".

    It's only tresspass if you have some lame-ass encryption on that I break or if I spoof myself as your machine (which really is fraud more than trespass, but could be both).

  45. Anonymous Coward
    Black Helicopters

    Who's at fault...

    Who is at fault if terrorist information or child porn is downloaded from your router? Illegal music? Dodgy DVD ISOs? YOU are. Doesn't matter if it was actually a bloke sat in a car outside or the bloke next door or you. Can't prove it wasn't you? Tough. You're nicked. I have mine locked down, encrypted and switch it off at the mains when I'm not using it - over night, when I'm at work, etc. I DON't want anyone using it. Nothing to do with is it theft or not, if I could 100% guarantee that people would use it sensibly then I'd allow them to use it. And I monitor what my kids are up to on the net. Already found some things we've had to have strong words about!

  46. Simon
    Happy

    hmm

    >Can't prove it wasn't you? Tough. You're nicked.

    A court of law has to prove beyond reasonable doubt that you are guilty. If you are an average guy, with no previous convictions, no trace of porn on any of your computers, and have been running an unsecure wireless connection that people outside your house can access, I am fairly sure that there is a lot of doubt as to whether you did it or are just a victim of circumstance.

  47. Simon
    Happy

    Heh

    >In which case, the person using your connection is using nothing that you are using. In the same way, me watching sky through your window while on the street is using photons you aren't using. If I were standing in your way, that would be different.

    >So there ain't no apples and pears, it's all apples.

    Sorry I didnt include both replies together (oops)

    I think it is slightly different, because listening to radio transmissions is fine, but using someones wifi is a bit like reaching over someones fence with a long stick and doing stuff. Radio is purely listening but wifi is actually interfering with your computer. However this is a seperate issue, whether its acceptable or not is not determined by the fact you can do it, but if the person is allowing you to.

  48. Anonymous Coward
    Stop

    UK LAW...

    UK Law historically for civil cases seeks to establish the damage caused to an individual.

    So taking criminal law away for a moment; if you use someone elses wireless service, and they are not "damaged" in any mannner, i.e. they don't incur extra costs, or negative impact on what they are trying to do then there has been no damage caused. This doesn't mean that you won't be found guilty, just that the "compensation" will be miniscule.

    However I believe the computer missuse laws are criminal laws therefore they don't really care about "damage" as much and really just care about whether you can be proven to have "done it". In the case of wireless presumably a prossecutions case would focus on the arguement that you had to turn your wireless card on/ plug it in/ install drivers etc and therefore you knowingly comitted a crime. As IT professionals the prossecution would push the fact that you should have known better so ignorance was not a defence. Also bare in mind you would be on trial in front of a jury of 12 "non-techies", or an old and crusty judge or magistrates etc...!

  49. Mark

    @Simon

    And MY issue (which is why the law doesn't make sense to assume that an IT person isn't ignorant of the law: we know more about that law than the judges do) is that how do we know if the user wants us to or not?

    How can we tell the difference between an honestly open AP and one where the luser doesn't care to close it?

    So if we want this law, then from an IT perspective, permission IS granted. By nature of the protocol. It's only from a layman's perspective (Where they don't know what is supposed to happen, only what they want to happen) that there's any trespass. And so all routers should come locked down. At the very least the CD that comes with the drivers et al should have a program that turns ON the wireless point AND adds encryption. Even lusers know that if the installation CD is put in windows and the application says "please enter a password to access your wireless router (if you enter none, then anyone can access it, whether you can see them or not)" then they put in a password. That password is used as the key for other machines, where you enter the CD and it prompts you.

    Easy peasy and users already know how to work that coffee holder.

    And now we know that if there IS an open AP it is open for use (with the knowledge that the AP owner may be snooping on us).

    And that would also be my plea to the jury and judge: I cannot be held responsible for a law written without knowing what it means. If they want to make the law stick, change the default setting so you HAVE to deliberately open up your system.

  50. triky

    @ mark

    I tend to agree with you on the plea. This may be a IT centered site but computer literate users are in the minority when you compare to all internet users out there. I personally bought a Mac and when I turned it on at home, hey presto, an Airport connection. I know better. It's not my wifi, it's the travel agencies across the hallway. But someone who doesnt know is gonna think it came with the computer. Now granted that UK law (and many other European laws as well) effectively penalises wifi mooching, but that doesn't mean it's a well-thought out law. Until the pre-computer generation is replaced by the one born during the information age, then we're certainly going to see a lot of piggybacking.

    A solution would indeed be for the retailers to have the default settings so that you have to turn open your wifi to others as mark says rather than drawing up excessive regulation on the subject.

  51. Jason Clery

    hmm

    So for those who say its ok, if I walk past your house and the front door is open (you may be working in the garden, or something), then its ok for me to enter and take stuff. After all, the door was open.

  52. Anonymous John

    Re hmm

    You may well get off when the case comes to trial - several months later. Little consolation, I would have thought.

    Your house has been searched, you've been questioned by the police, all your computer equipment has been talen away, you've appeared before the magistrates at least once, you've been on bail ever since, and featured in the local paper as a suspected paedo..

  53. Andy Bright
    Flame

    Usual Bullshit Excuses.

    Stealing WiFi is stealing WiFi, regardless of whether the connection is secured or not. Nothing makes it right, and you're nothing but a leach who's too cheap to buy your own connection.

    Most of us make our money selling or fixing the computers owned by people who don't fully understand how to use them. To suggest that they don't deserve to have access to the internet is complete and utter bullshit.

    Tell you what, if you use Firefox it's okay for me to install keyloggers on your computer because I know an exploit that will allow me to do so, and you didn't turn off the exploitable feature. That must mean you're okay with my keylogging software, which means you're fine with me using anything of value that software returns. After all as long as you don't know I'm doing it, I'm not breaking any law. And as long as my data transfer doesn't use much of your bandwidth, I'm not doing you any harm.

    Hey look, I took your car without permission, but I didn't crash it so I didn't do anything illegal. After all you were stupid enough to not install an alarm system so that makes it ok for me to do so any time I want.

    Internet connections are paid for, they have value and stealing them for your own use is as real as stealing any other possession they own. You lot apparently think it's ok because either the owner won't notice you've stolen it or doesn't deserve to own it in the first place because they don't know how to protect themselves from thieves.

    Maybe learning how to secure wifi routers is easy, but even if doing so did represent any sort of meaningful protection, it still doesn't make it okay for you to take advantage of the uneducated and thieve their possessions.

  54. Mark
    Paris Hilton

    Re: hmmm and "Usual BS excuses"

    No, if you yelled out "Can I come in" then you can come in. You still don't get it do you: my wireless machine asks YOUR device which YOU set up "can I come in" and YOUR device says to MY device "Yup, here's how to connect" and MY computer then uses it.

    Fer fecks sake, how many times do you have to be told?!?!?

    And as to "Stealing WiFi is stealing WiFi" this is what is known as a tautology. Yes, if I were "stealing wifi" it would be stealing wifi. Now how do you steal it???

    Bunch a PH's the pair of you

  55. Simon
    Go

    In response...

    > solution would indeed be for the retailers to have the default settings so that you have to turn open your wifi to others as mark says rather than drawing up excessive regulation on the subject.

    No, the solution is simply for users to not operate any devices that they are not qualified to. When you buy a wireless router, read the damn manual and don't cry if you don't.

    If I buy a car and leave it unlocked with a sign on the front saying please use me, and it says in the manual 'If you dont want other people using your car, lock it and remove the sign!' is it my fault or theirs? I think it's mine.

    > Stealing WiFi is stealing WiFi, regardless of whether the connection is secured or not. Nothing makes it right, and you're nothing but a leach who's too cheap to buy your own connection.

    Someone is a bit touchy. I imagine every single person on this page has their own connection at home. Right now I am at working and using an unsecure wireless point I found. I don't know where it is, and I've been using it for around 2 years. It could be from the government public center next door to my workplace, free and available for all, or it could be from some guy across the street who doesn't mind helping his neighbours use it. Either way I don't see a problem with using it. Sadly it's the only way I have to use internet here.

    >Most of us make our money selling or fixing the computers owned by people who don't fully understand how to use them. To suggest that they don't deserve to have access to the internet is complete and utter bullshit.

    Wait, so it's wrong to prey on their (possible) stupidity at not reading the manual and using their wifi, but it's not wrong to prey on their stupidity at not reading the manual and charge them to run anti-virus on their computer, or fix other problems caused by their stupidity?

    >And MY issue (which is why the law doesn't make sense to assume that an IT person isn't ignorant of the law: we know more about that law than the judges do) is that how do we know if the user wants us to or not?

    >How can we tell the difference between an honestly open AP and one where the luser doesn't care to close it?

    This is a very good question, and in my opinion if it's open then they don't mind if people to use it. They have the choice of closing it and provided they have read the instructions should be fully informed of the "risks" of not securing it.

    The device itself determines who can use it or not. By plugging the device in, you are basically giving the device the permission to say yes and no, so really you have to ask the device in court whether it intended to let people in or not. And the device will say 'yes' because that's what it has been told to do by its master.

    It's rather like hiring a guard for your house to stand outside but not telling him how he judge if people can pass or not. If you hire a guard to keep only men out of your house, and the guard lets all women but accidentally one man in, it's the guards fault right? If you tell him to let anyone in though, and he does, it's not his fault if later you say hey I didnt want this man to come in, it's yours. Nor is it the fault of the people who are coming up to the door and asking if it's okay to come in.. Unless there's a big sign saying 'No Men!' and the guard forgot to check, you should know better yourself.

    This is probably how the coffee guy lost his case.

    I saw the network and I thought, I wonder if the person has told his router to let anyone in. So I clicked it, and it turns out he had.

    And if you want to mention 'Oh it was probably default!', isn't the "default" for hiring a security guard to stand outside your house the same? Anyone can pass, until you give him or her specific instructions to the contrary?

    In summary, RTFM, and don't cry if you don't. I don't see how ignorance of your actions lets you accuse people of stealing.

    >so all routers should come locked down. At the very least the CD that comes with the drivers et al should have a program that turns ON the wireless point AND adds encryption.

    Should they? Where do you draw the line? Should everything I buy come with instructions like this? Warning: contents may be hot on my coffee? The instructions are right there in the manual.

    If you buy a saw and accidentally saw your arm off, it's your fault for not reading the instructions on how to use a saw correctly. Chances are you just whipped it out the box, plugged it in, and hoped for the best.

    >You may well get off when the case comes to trial - several months later. Little consolation, I would have thought.

    >Your house has been searched, you've been questioned by the police, all your computer equipment has been talen away, you've appeared before the magistrates at least once, you've been on bail ever since, and featured in the local paper as a suspected paedo..

    What's more likely is the police will come knocking at your door and may ask you to come to the station or ask you some questions. If you are non co-operative it might suggest guilt, but chances are you'd go 'huh???' and after you hear the charges you'd probably say hmm it could be my wireless router? At which case you'd read the manual or turn it off. You could probably catch the guy doing it if he parks outside your house as well.

    The police aren't going to come bursting down your door and stealing your computer equipment lol.

  56. Jason Clery

    @Mark

    "No, if you yelled out "Can I come in" then you can come in"

    What rubbish. You may be around the back, or working near the car and could not hear my "yell", also, you do not yell "can I come in", the equivalent would be asking the owner.

    "my wireless machine asks YOUR device which YOU set up "can I come in" and YOUR device says to MY device "Yup, here's how to connect" and MY computer then uses it.

    Fer fecks sake, how many times do you have to be told?!?!?"

    For feks sake, you don't get it. There is NO IMPLIED CONSENT there.

    Just because a door is unlooked does not imply consent to enter and take.

    Tell us wheer you live, and we will imply consent on your stuff. Left something in the garden? implied consent. Left boot of car open when taking the shopping indoor? implied consent.

    If you are going to be a thief, just admit it and I'll be ok with that, don't try justify your crime.

  57. triky

    agree to disagree?

    I think that the difficulty with making comparisons with hosue, or cars, or guards letting people in or out is that these are examples that people can physically see and understand. And our culture has changed over the years (like when people didn't lock their doors) so that people have learned to lock their doors.

    Wifi is different. There are many people that fail to comprehend even the most basic functions of a computer, only now coming to grips with the internet, let alone anything travelling through the air.

    That's not something they can see. Many people (especially those of the older generation) might understand that if those waves are travelling in their home, how is that trespassing or stealing, since they are at their own computer, in their own home.

    Also, to the person who said something about leaches and being too cheap to buy their own connection, I would like to say, no I'm not too cheap, I'm poor. I'm a lowly-paid intern living in an expensive city. I rent a minute flat with no phone line, what used to be a maids room back in the day. If I want internet, I need to ask permission of my landlord and the housing authority. I need to pay for installation of a line and accompanying fees. then I need to pay for a phone and internet service. I am obligated to pay for 12 months minimum service unless I move out of the country. And this knowing full well that my landlord can expulse me from my flat at any time. So when the travel agency next door leaves their connection on all night and all weekend, i'm not really going to think twice about connecting to it.

    Anyway, I think wifi internet should be free. Maybe restricted in badwidth,I dont know. Here in geneva there are some public wifi points in certain areas (like in public parks and near the uni). I think it's a good idea.

  58. Mark
    Dead Vulture

    @Jason Clery

    Yes, and if you don't hear me say "come in" then you CAN'T COME IN.

    However, if you DO hear me say "come in" you can come in.

    In any case, the public already come on to my property. They have to to ring the bell. And when someone answers the bell, they may ask "can I come in?" and if they are allowed in, I can't rush forward and say "trespasser!!!!" and get them jailed for it just because it was a friend of mine who answered and not me. Why? Because this person at the door had an expectation that this was the owner of the property. So when my computer asks your computer "can I connect" and it says "yes" YOU likewise cannot do me for tresspass just because you didn't mean the computer to let me in.

    You can tell me you want me off and if I fail to do so THEN you can call me on tresspass. However, if you cannot tell it was me (I could be on someone ELSE'S AP, not yours) then again, you cannot tell me off. If you say "the AP on <such and such> is not to be used and YOU TELL ME I can then check whether I'm using your network by accident. If you've left it at the default, and so has your neighbour, I may not be using your network and the problems you're getting are because you were too lazy to change.

  59. Anonymous Coward
    Anonymous Coward

    @Jason Clery

    Someone doesn't know how wireless works.

    But it's evident you just "fix" computers.

    ------------------------------------------------

    Anyway this misnomer about lots of new technical users who've been brought up with tecnology.

    Yeah - not happening. Most 20 year olds I know don't know squat about computers or networks.

    Most people just don't care - and I don't blame them, computers are boring, the internet is pretty boring, and the hype about communicating with lots of people? It ain't all it's cracked upto be.

    Most non IT folk I know use the internet(and well - their computers) to download music, look at youtube, check webmail and upload pictures to facebook. That's it.

    To be honest that's more or less what most of the IT folk I know use it for too. Also most IT folk who generally just do their job (developers, testers, analysts) they don't care about security and such like either.

    So in 20 years time probably even less people will really know anything about machines - becouse nobody cares - it's just a box that does some stuff.

  60. Simon
    Happy

    Er

    >What rubbish. You may be around the back, or working near the car and could not hear my "yell", also, you do not yell "can I come in", the equivalent would be asking the owner.

    I think you have gotten a bit too worked up about the issue without thinking clearly. If you are around the back and don't hear the doorbell then obviously it's not permissable for the person to enter.

    Wireless doesn't work by your computer saying 'Hey im coming in ready or not!!!', it has to get permission to be able to connect.

    I think Mark already covered this but I wanted to state it a bit more clearly.

    As for wireless being free, well... we'd all love it to be free but free really just means comes from the lovely tax you pay the government =)

    I pay a respectable 20 quid a month for fibre optic 100mbps, although I don't have a phone line cos I just use my mobile phone, which can also surf the internet for 30 quid a month albeit somewhat slower;)

  61. Jason Clery
    Flame

    Mark

    "Yes, and if you don't hear me say "come in" then you CAN'T COME IN"

    Where did you hear the owner of the wifi say come in? You THINK, you GUESS, you IMPLY he said yes, but without EXPLICIT permission, all you have is your guess.

    You don't quite understand the concept that you are not asking the owner, its two bits of electronic stuff talking. It does not imply consent. A SSID of "open to the public" implies consent.

    Under your logic, if you you don't update your OS, you are inviting hackers into your system.

    Tell me where you live so I can play by your invite rules. Leave the car boot

    open to take the shopping inside... fair game for the rest of the shopping.

    Under your logic too, you could rape a mute, because after all, she didn't say no.

    Leave a window open at home? fine for someone to come in then.

    Joe Public are by and large, not IT savvy. If its left on default settings, then its a mistake.

    Do you think its ok for people to con grannies out of their life saving for "home repairs", after all, if they are too stupid to figure out its a scam, because nicking wifi is a variation on that theme.

  62. Mark

    "There is NO IMPLIED CONSENT there."

    True, there is EXPLICIT CONSENT there though.

    Your computer, authorised by you to answer, says "yes.

  63. Simon
    Alert

    Mark

    I see your choice of icon fits your mood, but why do you contradict your own argument half way through?

    Setting up a device to make that choice for you is exactly the same, as I tried to state with my security guard post above. To post this comment, I had to type a username and password. If the site creator never sets up such a system, so comments are available for any member of the public to post, does he have a right to complain or is he inviting anyone to go ahead and post?

    He or she set up the system the way it is, public and open for all. I can hardly open a newsagents, wait for you to come inside then go HA! The welcome sign was a lie! Signs aren't human! I didn't say you could come in!, then call the police...

    >Under your logic, if you you don't update your OS, you are inviting hackers into your system.

    Only if they ask me first. If they ask and my computer says no, then they put a brick through my window and climb in, that is hardly consent is it? There are no ways of hacking a computer that I can think of which aren't clandestine in some way. Even if a program has a flaw (a flaw, not just you being clueless about setting it up) that if you leave your usename blank it lets you in, in court that is hardly going to save you unless you had a genuine reason for connecting in the first place. Using the internet on someone's wifi is a genuine reason... logging into someone elses account is dubious at best.

    >Tell me where you live so I can play by your invite rules. Leave the car boot

    >open to take the shopping inside... fair game for the rest of the shopping.

    That's the part you contradict yourself. If there was a sign on my car boot saying free fruit then you'd be at liberty to help yourself.

    >Under your logic too, you could rape a mute, because after all, she didn't say no.

    Are you kidding me? She wouldn't say yes either so you'd be left in the same state as if you had never asked the question, and not asking someone is not consent.

    >Do you think its ok for people to con grannies out of their life saving for "home repairs", after all, if they are too stupid to figure out its a scam,

    This is actually completely unrelated, and you are using moral arguments to try and make things look illegal. It is not illegal for tesco to double the price of battenburg cake no matter how much I love its sugary taste. You can try a save-the-babe (the pig kind) campaign outside mcdonalds to play into our hearts but selling pork isn't illegal. Selling services to grandma isn't illegal either unless they are lying, in which case it doesn't matter who the receipient is.

  64. Jason Clery

    give me the ocular proof

    "True, there is EXPLICIT CONSENT there though"

    Prove it. Prove that the personw ho owns the wireless granted explicit consent.

    The whole argument here, is you assume that by the device being unsecure that permission is granted. I disagree with that. Lack of security does not grant consent.

    Just because your computer can connect and does, does not mean its allowed to.

    So Simon, you do think its ok to con grandma then. That guages your character and tells me why you think its ok to steal wifi.

    What next "he left his phone on the table, so its mine now innit"

  65. Mark

    Re:give me the ocular proof

    OK,tell me where you live and I'll connect to your open AP and I'll print the access log that has the request/acknowledgement in it.

    Or you can read the RFCs which state the messages.

    PS Simon was going to flame you for making shit up I said, but you're title ought to have been either "Re: Mark" or @Jason. And Jason still seems to be unable to hear "if you say yes, I can" he just hears it as "I can". Weird deaf fuckup there. Or his brain is mis-wired.

  66. Jason Clery

    Mark

    No point trying to get you to understand that a machine doing an automatic negotiation is not the same as the owner granting permission. The machine is granting permission NOT the owner

    You obviously have no morals, and are probably a spam merchant. I hope you get caught, I hope the decide to throw the book at you to make an example.

  67. Mark
    Dead Vulture

    Jason

    no point in trying to show you that it is.

    When you swipe your card, your card and the till machine combine their information to your Pin and ask the bank "can I take his money". YOU don't give permission. you can't. you don't talk 2400baud.

    When I swipe the entry card, I'm allowed entry because the card and the door lock agree that the door can unlock for me. But there's no guard to ask "can I come in". No doorman. Just an agreement between two machines that some action is allowed.

    So if the lock is misconfigured and I'm allowed somewhere I should not be, there's a fault with the door. If, however, I've faked a pass from someone who does have permission, that's my fault. If I pick the lock (even if said pick involves a credit card shoved somewhere) then that's my fault. But if there's no lock, even if the building owner put one in but it's broken IT IS NOT TRESPASS. If the door is unlocked but says "employees only" and I'm not an employee, it's trespass, lock or no. With no lock and no message, IT IS NOT.

    When you read this message (which is copyright by me) or any of my other messages you've made a copy of it. A copy can only be made with the permission of the rights holder. Did you ask? No? So where's the permission?

    Answer me how you got the right to infringe on my copyright, Jason. I never heard you ask.

  68. Simon
    Unhappy

    Circles, and going round in them...

    Sorry Mark! I got a bit confused it wasn't directed at you of course.

    We are going round in circles here, so unless there's anything new to post it's probably wise to end this discussion soon.

    In short, wireless can be set up to allow anyone to use it, or specific people to use it. The person setting it up chooses which, and cannot complain if he or she sets it to allow anyone to use it, and then anyone DOES use it. You can't advertise something for free then complain when people take it.

    As for the conning thing I thought I already explained it clearly, but lets assume the definition of a con is something illegal. Then no, it's not okay to con grannies, or anyone else for that matter.

    If a con is doing something to someone you feel morally objectionable, such as selling grandma some house insurance she doesn't need, then isn't every commercial on TV a con? I don't need half that junk but it tries (and sometimes succeeds) in selling me it. If someone says 'Can I borrow your credit card for 5 minutes' and I say 'duhhhhhhhh okay' who's fault is it then? Them for "conning" me? No.

  69. Liam O'Flaherty
    Thumb Up

    @ Robert Long

    That's a VERY socialist stand and I agree whole-heartedly with it. If we all had nice routers with DD-WRT firmware we could be nice to our less well off neighbours and let them check their mail etc FOC!

This topic is closed for new posts.