Re: Interlopers on the WLAN

["Frank O'Dwyer" <fod () brd ie>]

I'm not an attorney either, but I wouldn't be so sure that the below is
as clear cut as all that:

(a) Note the number of references to "intentionally" and "knowingly" in
the law.

(b) Note that the guy with the laptop ALSO is in possession of a
"protected computer". So any law referring to unauthorised access is a
sword that cuts both ways. Maybe you will find yourself trying to
explain why you configured the user's computer with an IP address
without the owner's permission, or just what you were thinking when you
impersonated a public access point. :)

Why not ... after all, the access point contacts the user's computer
first, right? :)

Cheers,
Frank.

On Wed, 2002-11-06 at 16:49, Dave Piscitello wrote:
> According to the FBI field agents who spoke at a seminar series I recently 
> participated in, if you "stumble upon" an ESSID, actively attempt to obtain 
> an address by scanning or using one helpfully provided via DHCP, you are
> engaged in an unauthorized access and can be prosecuted under
>
> USC TITLE 18 > PART I > CHAPTER 47 > Sec. 1030,
> Fraud and related activity in connection with computers
>
> One of several URLs: http://www4.law.cornell.edu/uscode/18/1030.html
>
> If you're curious how it's being enforced w/r/t WLANs, contact the FBI 
> through your local Infragard chapter?
>
> I don't think people will be able to make a case about "secured" or not. 
> I'm not an attorney, but I think the same logic that dictates that "I leave 
> my doors unlocked - it's my home and if you enter while I'm not there it's 
> unauthorized entry" applies here. My opinion as well is that once you 
> obtain or use an IP address/mask/gateway that you clearly know belongs to 
> someone else, you have attacked a network:
>
> - unauthorized use of resources
> - denial of service to others who might wish to use the address
> - disruption of service of a host that is normally assigned the IP address used
> - unauthorized receipt of transmissions over the WLAN
> - etc.
>
> It's not "clever" any more...
> Considerably more clever people than those who are war-driving proved a 
> point, now it's cracker chic
>
> At 12:23 AM 11/5/2002 -0800, Philip J Koenig wrote:
> > Please forgive if this has been covered before, I'm not reading the
> > group daily these days.
> >
> > Is it reasonable to assume that those who access WLANs without the
> > permission of the owner are violating the same cybercrime laws that
> > apply to any unauthorized access of a computer network?
> >
> > Some have recently argued this is not the case if someone doesn't
> > "enable the security features", but personally I don't see the
> > distinction between this kind of activity and anything normally
> > prohibited by laws such as California Penal Code section 502a and
> > various other cybercrime laws.  It doesn't seem to me that the law
> > makes a distinction about whether the network in question was secured
> > or not. (what does 'secured' mean anyway?)
> >
> > TIA,
> >
> > Phil
> >
> > --
> > Philip J. Koenig
> > pjklist () ekahuna com
> > Electric Kahuna Systems -- Computers & Communications for the New
> > Millenium
> >
> >
> > _______________________________________________
> > firewall-wizards mailing list
> > firewall-wizards () honor icsalabs com
> > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
>
>
> David M. Piscitello
> Core Competence, Inc. &
> 3 Myrtle Bank Lane
> Hilton Head, SC 29926
> dave () corecom com
> 843.689.5595
> www.corecom.com
>
>
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards