RE: Wireless Security

["Herman Frederick Ebeling, Jr." <hfebelingjr () lycos com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


- -----Original Message-----
From: David Gillett [mailto:gillettdavid () fhda edu]
Sent: Thursday, 13 October, 2005 12:23
To: hfebelingjr () lycos com; security-basics () securityfocus com
Subject: RE: Wireless Security


  IANAL, of course, but I *have* been paying attention to issues
like this.....

> A)    What if any obligation to the neighbors does the person
> who initially setup the Wi-Fi network have?

  None.  If I live on a corner and put up a fence around my lot,
I have no obligation to compensate the pedestrians who used to
shorten their journey by cutting across my lawn.

====>   On your analogy I think that the courts have provided that IF the public
has enjoyed the privilege of taking such
a route  that a property owner cannot remove that access.  Such as the case of a
land owner on a lake and the public
has always used said property to access the lake.  The land owner cannot "close"
their property to the public thus
cutting off access to the lake through their property.  They would have to go
through the court system in order to do
so.

> B)    What happens IF one neighbor goes in and reads/deletes
> msgs/files from another neighbor's computer is the person who
> initially setup the Wi-Fi network for their own use liable?

  Possibly.  A case could be argued that the unsecured Wi-Fi
constitutes an Attractive Nuisance, and a court could find civil
liability on that basis.  Not a gamble I'd choose to take.

====>   Actually the courts have found that a fence WITH a "no trespassing" sign
is likewise an attractive nuisance.  And
could force the property owner to remove one or both.  And given that not
everyone is aware of all of the security
needs of a Wi-Fi network or even a traditional LAN that just because it's left
open/unsecured is not an invitation to
anyone and everyone to join it.  It'd be like (as several others have said) just
because ya leave your front door open,
that isn't an invitation to the person walking down the street to come into your
home.

> C)    Can the person who initially setup the Wi-Fi network
> legally go in and look around his/her neighbors computers?

  Of course not.

====>   I would think that IF all the person who setup the Wi-Fi network was doing
was trying to find out who it was that
was accessing their network that it should be allowed.  I mean don't they have
the right to find out who is accessing
their network???

> D)    What if one the neighbors get a virus, is the person
> who initially setup the Wi-Fi network liable?

  Same as B.

====>   IF they deliberately setup it for their neighbors to freely access then I
could see them having a responsibility,
but just because someone sets up a Wi-Fi network for their own use and doesn't
secure it doesn't give their neighbors
the "right" to access it or the Internet through it.  Doesn't mean that they owe
anyone who is accessing it illegally
anything.

> E)    What if any expectations to privacy do the unauthorized
> users have?

  PROBABLY none, but they may be able to argue that they were
not informed of that fact.  They might even argue that the
unsecured state of the Wi-Fi constituted -- for all they knew!
- -- authorization, and that might make even the transmissions
*through* the Wi-Fi subject to various electronic communications
privacy legislation.

====>   IF they're illegally accessing someone else's Wi-Fi network why does
anyone have to tell them anything?  Again
your argument that the unsecured Wi-Fi network is an "open invitation" for
others to access it.  Is like saying that
the person who leaves their front door open is "inviting" the person walking
down the street into their home.

Moral:  Public Wi-Fi should be implemented deliberately, not
accidentally, and probably with legal advice up front.  By the
time any of these questions stops being hypothetical, it may
already be too late.

====>   Well said.

Herman


> -----Original Message-----
> From: Herman Frederick Ebeling, Jr. [mailto:hfebelingjr () lycos com]
> Sent: Wednesday, October 12, 2005 12:17 PM
> To: security-basics () securityfocus com
> Subject: Wireless Security
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I've got a question (actually a few) along these lines.
> Let's say that a person has a Wi-Fi network setup at home.
> And they find out that some of their neighbors have accessed it.
>
> A)    What if any obligation to the neighbors does the person
> who initially setup
> the Wi-Fi network have?
> B)    What happens IF one neighbor goes in and reads/deletes
> msgs/files from
> another neighbor's computer is the person who initially setup
> the Wi-Fi network for their own use liable?
> C)    Can the person who initially setup the Wi-Fi network
> legally go in and look
> around his/her neighbors computers?
> D)    What if one the neighbors get a virus, is the person
> who initially setup the
> Wi-Fi network liable?
> E)    What if any expectations to privacy do the unauthorized
> users have?
>
> Herman
>
> - -----Original Message-----
> From: Daryl Davis [mailto:daryl () ultbingo com]
> Sent: Tuesday, 04 October, 2005 12:56
> To: security-basics () securityfocus com
> Subject: Wireless blocking
>
>
> I believe I have an unauthorized wireless router on my
> network.  I have been unable to physically find it as of yet.
>
> Does anyone know how to find the hidden SSID and then Jam it?
>
> Thank you.
>
> Daryl R Davis
> Digital Game Media, Inc.
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.0.3
>
> iQA/AwUBQ01ORx/i52nbE9vTEQJiUgCeOOjX9N6x73SckuWo8IM3fRrF7NoAni3P
> b8FzLCft8X2qZYK7BYhdx+E3
> =9dp4
> -----END PGP SIGNATURE-----


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBQ06tYB/i52nbE9vTEQKgZACdEMt4pGr2PZRgbGdqKH4jTHDfX/MAni8p
VH8d2X6YFd5CM6XaD5LbQrGJ
=doq1
-----END PGP SIGNATURE-----