So I can't be altruistic then?
and offer my wifi connection for passing users?
German surfers risk fines of €100 if their open Wi-Fi connection gets used to download copyright-infringing material. The regulation follows a ruling in Germany's top criminal court on Wednesday, AP reports. The Karlsruhe court ruled that Wi-Fi owners are liable for abuse by a third party in cases where they fail to password- …
>and offer my wifi connection for passing users?
Probably best to just adopt a dolphin or something.....
....though securing with WEP or WPA/TKIP amounts to the same thing.
I wonder if the knock on effect will be the assumption that since your network is 'secure' it must have been you that was downloading extreme porn, terror manuals or, God forbid, Feargal Sharkey albums.
You will also need to buy a SDS drill, so you can drill holes in the walls you need to pass the cables through. And a chasing chisel if you want to bury the cables in the wall to make them neat in a home environment. And the plaster to refill the channels, And the paint, and the time.
Yeah, looking good now, those cheap cables. I use wireless so I don't have to go through he pain of rewiring my house, and I use cables where it doesn't matter.
There is a reason why wireless is so popular you know - did you not think what that might be before posting?
A fair point, James, but jtr101 is also right in essence. In my experience, 90% of internet users don't even know there's an option beyond wi-fi - they buy the gear, plug it in and off they go. I've lost count of the people I know who use wi-fi to connect to a router an arm's length from their PC. Security - what's that?
A neighbour complained to me that he thought someone was piggy-backing on his router. I checked - not a ha'porth of security of course. Could I make his wi-fi secure? I could do better than that - I popped back home and got a spare ethernet cable and switched off his wi-fi altogether (he only has one PC and the router sits on his desk). He didn't even know you could do that! And neither do most people I've made a point of asking since.
My own desktop PC is hard-wired to the router which is barely a yard away. My wife's PC is in another room, so it uses wi-fi - as secure as I can make it of course, and the wi-fi is switched off at the router when not in use.
Horses for courses, people ...
That all said, this moronic judgment is typical of what happens when technically-dyslexic lawyers (and their vested interest clients) stray into the field of IT.
"Err, Yes! I think you'll find most insurance policies have a clause that you need to secure the vehicle before leaving it."
Yes, but this isnt an insurance company using tactics to get out of making a payment.
This is akin to saying if you leave your car unlocked and someone steals it, the police will fine you in criminal court, irrelevant of your issues with the insurer.
Significant difference.
Velv is confusing two different things. Leaving your car unlocked may well invalidate your car insurance. That is not the same as being held liable for any crimes committed by the person who steals the car. In fact it is totally and utterly different.
That said, I'd go cautious on this AP report until confirmed, and until the relevant law is stated. It doesn't sound right; for example, what is "Germany's top criminal court" doing ruling on the outcome of a *civil* case? Who brought the "prosecution" and under what statute? If the offending WiFi owner was "fined" by a criminal court, what does the guy who sued him for damages get?
It all strikes me as very confused.
Worse than that, they are liable for any crimes such as bank robbery performed with the aid of their stolen (unlocked) car.
This is a really dumb verdict, not because people should protect their WiFi link, but due to the precedent that anyone taking advantage of insecurity is your fault. What of MS' can of worms security?Are you now liable if your PC is compromised? What if you have to use WEP due to older hardware, etc, and then it is broken due to its well known weakness, are you liable then?
The argument that no password = liability also kills all public wifi points as well, as they are open to anyone. Even if protected, how hard is it to buy a coffee with cash and then upload?
Stupid, stupid, stupid!
This is one thing I particularly hate about the way copyright laws are used/abused, it is the approach where by "assisting" infringement is easier to target in court rather than finding or prosecuting the person committing the crime, so go after services or users who are innocent themselves but who's services can be abused. Then ISP's etc, face big legal bills (which we end up paying) when they don't jump to the (often unreasonable) demands of copyright holders and their organisations.
...if our computers get infected by a virus or trojan that turns it into part of a botnet that then goes on to commit other crimes (hacking or DoSS'ing the Pentagon say) we are then also liable.... Brilliant. Of course that won't happen, because it is silly, but becuase it this case piracy is involved, all logic goes out the window....
So much or German practicality....
A better analogy would be to hold the post office responsible for not checking all packages for potentially containing a bootleg CD would it not?
Either that, or for not getting you to sign saying you are not sending anything bootlegged?
This is yet another example of politicians being it the back pockets of the publishing industry, and not thinking at all.
I never lock my car never will, Silly gits would never be able to drive it away anyway its a 2cv.
Even though i never lock it they still broke the window to get in !!! OMG that made me so angry .....
and why are the police checking to see if my car is locked or not !!!!!
This post has been deleted by its author
"The owner of the network was able to prove that he was on holiday at the time of the alleged offence.
Despite accepting this, the court held him partially responsible for the civil offence and levied a modest fine"
So it was unsecured even before he went on vacation. The "I thought it didn't count if i wasn't home at the time" excuse was made up as some sort of defense. I'm surprised they even reduced the fine. So does this only apply to home users and not companies? Torrent programs use random ports and there are a lot of unsecured hotspots out there. Article says they only punish those with unsecured wireless home connections due to 3rd parties using it to share copyrighted material.
The law which was passed a few years ago effectively makes providers of open wifi into accessories. The parallel is with leaving weapons unsecured. WEP is not considered safe in Germany and you cannot buy wifi hardware that it unsecured by default. Interestingly the court decided there was no liability.
There is nothing wrong with reminding the public of some of the potential risks that technology brings with it and encouraging a sense of responsibility. Worried about someone hacking into your computer? Securing your wifi is a good way to prevent this. Limiting liability will stop lawyers and the copyright industry making a habit of this.
What counts as secured then?
There are *much* more likely ways to hack into a computer rather than be close enough to hack the WiFi link its using - especially home computers.
WiFi is not a weapon so it seems to me to be a poor analogy. Its like being held to blame for the contents someone pushes through your letter box.
I travel a *lot* and make extensive use of public wifi hotspots. I assume going to Germany will be a no-no for me because the arse getting a WPA2 key and entering for each one will be a right pain.
The funny thing is if you have public wifi service (Starbucks, McDonalds, Virgin Trains etc) this implies they will need to generate UID and password for each and every customer, each and every time they use the service.
Germanic Farce. Who'd'a thunk it.
@John Leyden
You got the decision wrong. The fine is only limited to 100€ if the violation/infringement of copyrighted material fells under the facts of the § 97a II UrhG (German Copyright Law).
This is the case e.g. in the decision your article refers to, because it was just 1 (one) downloaded and distributed song. It is not the case if e.g. one complete album or a movie file etc. has been downloaded and shared. then the fine is not limited by a certain upper limit.
... "i wouldn't be able to share my wireless with my neighbours"
I think you would ... provided your network had a password.
There's nothing in the article to say that you can't give the password to a neighbour, and though they might still try to hold you partially responsible for any infringement by the neighbour, it wouldn't be quite so risky as leaving the network open to all and sundry.
I knew someone who got woken up by the police and asked where his car was "outside", he replied, "no, it's in a post office south of the river" -someone had nicked it and used it for a bit of ram raiding.
It was an astra, which anyone could open with a screwdriver, hence by this law he should be liable for inadequately securing a car used in a criminal activity
This is a lawyer's fee for the service of sending a cease-and-desist letter. It was capped to 100€ for simple cases by a recent law, and the court explicitly stated that it would apply in this case, except that the case was too old.
Previously it was quite a bit worse, lawyers abused the law to demand 3 to four figure sums and earn easy money sending mass cease-and-desist letters.
So the situation actually got better, you only risk a measly 100€ for leaving your Wifi open.
Yes, I've heard about that. Lawyers would do a Google search for some random word that happened to be a trademark then send out thousands of letters demanding about £1000, which people would pay because it's cheaper than going to court. And all the money goes to the lawyer.
This particular bit of legal crappiness seems to be specific to Germany. Most countries would require the claimant/plaintiff to prove damages before there could be any talk of legal expenses, and then, at least in the UK, any legal expenses awarded would not be so high as to allow the lawyers to make a big profit, thereby encouraging them to bring unnecessary cases.
With HADOPI, securing your internet access will be your problem, with you liable for "gross negligence" if you do not.
The interesting question is... what if your networking kit is compromised while passwords are in use? The Orange Livebox (WPA2/AES) has a ridiculously long key (26 hex digits), along with a push-button-to-authorise WiFi, though the default is WPA/TKIP. How many older things require WEP? Or default to WEP? Or all those lovely Neuf boxes which are supplied completely open (judging by the results of some random wardriving).
I get called frequently to fix "the internet" (MSIE messed up), and now these sorts of people are supposed to understand not only that wireless internet needs passwords, but also that there are different sorts to choose from. Hehe, I have disabled WiFi on a number of Internet boxes and nobody has been any the wiser. The world might be a safer place if ISPs supply their equipment with this turned OFF, so only people that make use of it need to turn it on.
[thinks: I wonder if the ISP can share any liability if they provide a WiFi enabled box to a granny-type who plugs in a computer and has no idea there's WiFi, or what it's about]
I recently signed up with VM ( over subbed local ADSL exchange! ). VM sent through a DLINK wireless router. It was wide open with no admin password, no MAC filtering with WEP as the standard encryption level! It even had the default SID of DLINK! FFS! I was able to simply join to it from my laptop over the WiFi and set the options with no security checks!
So if you're driving about and happend to find the odd open DLINK SID, most likely a VM link and most likely wide open to abuse!
Sky might be a pain, but at least the wireless user kit they send out is locked down from the minute you get it!
Before this it was unsure if you could be liable for 3rd party piracy, now it means there's a cap of 100 Euros on it. This is a huge step forward, as it'll essentially destroy the busines model of companies like Logistep which previously got it's money for sending notices to customers. For only 100 Eur it's not worth doing so. The lawyers would cost more.
So the general idea here is that it's now save to run open wireless networks, as the worse thing that could happen would be a 100 Euro fine, and even that is highly unlikely.
seeinging the last pst about vm, their other wifi routers that they use, are the white netgears.
they all have the the same ssid (virginmedia i think) and its all nice and secure with wpa. nice. BUT. the default wpa code on them all is 'preinstall' so, unless its been changes, and most havnt, fill yer boots.
That MAC filtering thingy is useless since one can see the clients MAC addresses and change his own MAC according to what he recorded.
Youre totally right about saying "Sounds like more legislation about IT made by legislation people who know nothing about IT."
BTW: From what i saw from wardriving through Germany, WEP is the most used encryption followed by "no encryption" which means half of all APs in Germany are in fact "unprotected" :)
The other half is WPA/2 since AVM for example delivers their "FritzBox" preconfigured with WPA2 protection using a hexish random key.
If every AP vendor would do that everything would be fine....
Like someone else, I disable wireless as a matter of course if the user doesn't need it.
I also have the other problem that wireless "just doesn't work" a lot of the time. My router is in the living room, and that's the only place I can get a signal - the kitchen is unusable, upstairs is unusable ... a friend over the road finds that his laptop prefers to connect to the router next door rather than the router in the next room ...
My current router at least is sort of secured by default - its admin passwords are still the default settings, but admin only works on the wired connections unless it's specifically enabled for wireless. The annoying thing, though, is I use MAC filtering which applies to *everything* including the wired ports :-( no option to secure only wireless.
My old D-link was totally unsecured, but that was because I (a computer professional!) couldn't get security to work! If I couldn't do it, what hope would a normal person have?
Cheers,
Wol
In other news Xerox will stop making copiers, the education system will require we all sign off on learning to read and write due to threats from the book-publishers & authors and music lessons are no longer allowed because music might be copied.
GOOD GRIEF!
I use a wireless router here in the home-office, but I also run wires and use the household wiring to tap into the network (and by extension the Internet). In addition MAC filters are implemented to allow only certain wireless devices access. Is my network 100% secure? No, no network can be, but it is as secure as I can make it without unplugging from the Internet.
Most people around here now have WEP or WPA (usually WPA) enabled by default, but the vast majority are clueless when it comes to security.
Still, having a wireless router being used by an unauthorised person, is no reason to punish the owner of the router, in much the same way that the owner of a vehicle that was stolen and used in a robery is no reason to punish the vehicle owner.
When I was young and naïve, I thought that laws were about punishing people for doing bad things. However, apparently this has long since been extended to punishing people for possible prerequisites to bad things that are already illegal anyway--surely those laws about people doing bad things could simply be enforced, and if they cannot, then what good is there in adding more to enforce? I suppose some buffoons think that this will hinder criminals more than it will just bother people who were minding their own damned business.
When doing something bad is no longer prerequisite to being a criminal, what respect ought I to have for those who decide what crime is?
Of course, as with nearly all obnoxious, irrational laws today that attempt to prevent people from committing crimes by punishing people who have done nothing bad, this one fits into one of the following three categories (the second, of course):
1. Moral panic involving children somehow
2. Something having to do with "intellectual property"
3. Terrorist scare
Isn't it amazing that so much stupidity shares a common root system?