digilink said:I totally agree, I was about to say the same thing. It is no different than leaving your house unlocked, you invite someone to come in and steal your belongings. They should have secured their network.
Fuckin idiot
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
digilink said:I totally agree, I was about to say the same thing. It is no different than leaving your house unlocked, you invite someone to come in and steal your belongings. They should have secured their network.
hokatichenci said:What about webservers? They are indeed, just another device with which you communicate. If I have a webserver, does that mean you need some form of written permission to use it? If I had a web server on the web and attempted to sue somebody for accessing it then the case would very likely be thrown out quickly, and I would be the laughing stock of the Internet. Why? Because nearly all webservers are by default very open. Now if I started enforcing various rulesets, like the client must be connecting from a secure intranet and use SSL + a login scheme, if somebody bypasses that they are obviously violating the network. But I don't see how an open design when accessed in an open way, and adhering to the protocol standards can be construed as "without permission", and therefore a felony.
Trepidati0n said:It is a called relative moralism. You find an example you can twist to meet your "goals" and call it okay. It is the same as people who OC their video cards because the option is there but they RMA it when it breaks. You come up with some lousy excuse to make yourself feel justified in doing it because you fuck'd up.
-tReP
The problem is that there's no way to differentiate between APs that have been left open for public use and a n00b's AP that is open because of defaults.
ninethreeeleven said:A better analogy for this would be...
There is a Drive-In theater with a large hill just outside its grounds. Person A sits on the hill, on public property and is able to see the movie. The Drive-In has the sound broadcast over a local low level radio antenna (many do this) and Person A has a small radio.
Person A is on public grounds listening to a feed broadcast outside of its original destination without "hacking" into the radio transmission. Yes he is watching and listening to what many people are paying for, but the Drive-In did nothing to protect their screen/sound. They could have put up trees or walls to block said hill but as it stands this guy is just hanging out, doing nothing illegal.
PopeKevinI said:It just occurred to me that this offers hackers a unique passive way to collect information as well. Simply set up a WAP, let others use it, and collect their data with it. It's a variation of the "evil twin" attacks at hotspots, only this time you're actually volunteering the information to their systems.
PopeKevinI said:It just occurred to me that this offers hackers a unique passive way to collect information as well. Simply set up a WAP, let others use it, and collect their data with it. It's a variation of the "evil twin" attacks at hotspots, only this time you're actually volunteering the information to their systems.
PopeKevinI said:Okay, here's a better analogy:
You're sitting in your living room watching TV. A guy parks outside and watches TV through your open window.
Has he done anything wrong?
Now, he decides he wants to watch something different, whips out his trusty universal remote, and changes the channel.
Now has he done anything wrong?
Ludic said:No.
Yes.
Isn't it the FCC rule that if you have a device that receives a transmission, that you must allow that device to receive it? Or what is that warning printed on most electronic devices about receiving electronic signals... (goes to look up)
hokatichenci said:Great for them. It would also be trivial to bust these hackers. Go to whatismyip.com, login publically to some service that really isn't public, just a honeypot. Check back and see if somebody has logged in with the username and password used for that AP. If it was, then voila, you have the IP of said AP, as well as the IP of the attacking machine. And its also trivial to start encrypting your traffic, as there are plenty of open https web proxies or you could encrypt it yourself (if you have a box to tunnel to). If people want to be idiots, let them.
hokatichenci said:Creating legislative protection for idiots is only going to hurt the rest of us who are not, as well as overburden our justice and prison systems (which nobody has addressed yet). It took the DA three weeks to decide to take action on a guy who had assaulted my friend, and then threatened publically in front of many different people who were willing to talk about it. Thats what I would consider a serious crime, since there is real inflincted harm on a person and the threat of further harm which the police couldn't do anything about until the DA took action. I can't imagine how much longer delays would be when the courts would be dealing with all sorts of "he looked like he was using our wireless Internet" cases.
18 U.S.C. 2510
TITLE 18. CRIMES AND CRIMINAL PROCEDURE
PART I--CRIMES
CHAPTER 119--WIRE AND ELECTRONIC COMMUNICATIONS INTERCEPTION AND
INTERCEPTION OF ORAL COMMUNICATIONS
§2511.2 (g) It shall not be unlawful under this chapter or chapter 121 of this title for any person--
(i) to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public;
§2510. Definitions
(16) "readily accessible to the general public" means, with respect to a radio communication, that such communication is not--
(A) scrambled or encrypted;
(B) transmitted using modulation techniques whose essential parameters have been withheld from the public with the intention of preserving the privacy of such communication;
(C) carried on a subcarrier or other signal subsidiary to a radio transmission;
(D) transmitted over a communication system provided by a common carrier, unless the communication is a tone only paging system communication; or
(E) transmitted on frequencies allocated under part 25, subpart D, E, or F of part 74, or part 94 of the Rules of the Federal Communications Commission, unless, in the case of a communication transmitted on a frequency allocated under part 74 that is not exclusively allocated to broadcast auxiliary services, the communication is a two-way voice communication by radio;
§2511.2 (g) It shall not be unlawful under this chapter or chapter 121 of this title for any person--
(i) to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public;
PopeKevinI said:If it were so "trivial" to evade hackers, why do major corporations struggle with it?
PopeKevinI said:Laws against computer viruses are "protection for idiots", you know. It's stupid to not patch your system and use a firewall and antivirus, given the state of things. I suppose you think that should be okay, too?
ts like me saying its legal for me to download music...i know its wrong and so do you, but people do it everyday.
PopeKevinI said:It just occurred to me that this offers hackers a unique passive way to collect information as well. Simply set up a WAP, let others use it, and collect their data with it. It's a variation of the "evil twin" attacks at hotspots, only this time you're actually volunteering the information to their systems.
deadm3at said:do you realize how easy that is to set up? 1 extra machine and 1 program. even if its not your AP, you can do it on any AP you have access to, wireless or not. grabs everything that goes over the line out the gateway. passwords, ssl traffic, ...everything.
Empyrean said:On the other hand, it is legal to intercept waves passing through your home, so I guess snooping would be okay on any packets drifting through. It was legal to just listen to people's cell phone conversations that could be picked up on a radio. Transmitting back is probably where the line could be drawn, which utilizing a network does do.
deadm3at said:do you realize how easy that is to set up? 1 extra machine and 1 program. even if its not your AP, you can do it on any AP you have access to, wireless or not. grabs everything that goes over the line out the gateway. passwords, ssl traffic, ...everything.
PopeKevinI said:As for listening to cell phones...aren't they encrypted these days? I believe it's currently illegal to break encryption.
PopeKevinI said:And the really amusing thing about it is that simply collecting the information in this manner (on your own system) may be perfectly legal.
ashmedai said:May? Is. I have every right to log whatever traffic occurs on my network. On the other hand I don't have the right to use that information in an illegal way, such as collecting credit card information and using it to commit fraud. Illegal things are still illegal.
PopeKevinI said:I said "may" because I'm not 100% certain that there's not an obscure law on the books that forbids collection of certain "private" data, even on a private network.