RE: Interlopers on the WLAN

["Frank O'Dwyer" <fod () brd ie>]

Ultimately it's going to be up to the judge I guess, but I'm just saying
how I think the law ought to interpret it. Bear in mind that there are
many open WLAN points out there which really are intended for use by
anyone, and not just the obvious ones you describe below. This sort of
thing may even grow organically to form WLAN internets - that's even
likely, as it makes great economic sense. 

So if you set your network up in the same sort of configuration, without
even a rudimentary attempt to restrict access, no clue that the network
is private, and route every packet thrown at you, then how on earth is
anyone supposed to know what you intended. Basically, it's unreasonable
to expect people to read your mind. 

It's a bit like the company sets up a web site with a routable IP and
public DNS records, allows it to appear on google, and then turns round
and says "hey you! what are you doing on our intranet???!!" 

Or it's like painting your bicycle white and leaving it unlocked in a
town where it is commonly understood that white bicycles are provided
for use by anyone.

Cheers,
Frank

On Wed, 2002-11-06 at 03:39, Bill Royds wrote:
> Last weekend, I and other members of Whitehats.ca went to a local pub. When we arrived there there were little cards 
> on each table that this pub has wireless Ethernet available. Nice pub touch since it was just a block from the Cognos 
> head office. 
>
> I think, that is the only real invitation to use a wireless LAN. 
> Using one just because it is there is the same as going into someone's office and plugging into the RJ45 connection 
> in the wall.  It wouldn't make you too popular with the corporate LAN administration so why should connecting to open 
> wireless mean anything different.
>
> -----Original Message-----
> From: firewall-wizards-admin () honor icsalabs com
> [mailto:firewall-wizards-admin () honor icsalabs com]On Behalf Of Frank
> O'Dwyer
> Sent: Tue November 05 2002 18:29
> To: pjklist () ekahuna com
> Cc: firewall-wizards () honor icsalabs com
> Subject: Re: [fw-wiz] Interlopers on the WLAN
>
>
> I think it ought to make a difference if an attempt has been made to
> secure the network. Otherwise you are expecting people to read your mind
> as to whether you intend the network to be private or not. For all its
> faults, WEP is at least a fairly large clue that the network is intended
> to be private.
>
> But if you haven't even turned WEP on, then who's to say whether your
> network is supposed to be for employees only, or an access hotspot for
> anyone who passes by. It's not like you left your door unlocked or
> something, it's more like you hung a big orange sign on your door saying
> "welcome!". The very fact that you're broadcasting the ESSID with no
> security measures whatsoever could be reasonably construed as a public
> invitation to connect.
>
> Similarly if you had a publicly accessible system which popped up
> "welcome to the foo system" and logged you straight in with no password,
> (rather than "this system is private property and unauthorised access is
> not permitted", followed by a login prompt) then you would (and should)
> have a tough time pressing charges against anyone who connected.
>
> Cheers,
> Frank
>
> On Tue, 2002-11-05 at 08:23, Philip J. Koenig wrote:
> > Please forgive if this has been covered before, I'm not reading the 
> > group daily these days.
> >
> > Is it reasonable to assume that those who access WLANs without the 
> > permission of the owner are violating the same cybercrime laws that 
> > apply to any unauthorized access of a computer network?
> >
> > Some have recently argued this is not the case if someone doesn't 
> > "enable the security features", but personally I don't see the 
> > distinction between this kind of activity and anything normally 
> > prohibited by laws such as California Penal Code section 502a and 
> > various other cybercrime laws.  It doesn't seem to me that the law 
> > makes a distinction about whether the network in question was secured 
> > or not. (what does 'secured' mean anyway?)
>
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards