Penetration Testing mailing list archives
Re: Legality of WEP Cracking
From: Bob Radvanovsky <rsradvan () unixworks net>
Date: Sat, 19 May 2007 06:29:27 -0500
Actually, in some states, such as Florida, capturing ("sniffing") packets is illegal based on its *intent*; the intent, unless you are performing this on your own wireless network, is to either illegally connect, or utilize any captured information in a subversive manner. This was pointed out to me at a cybercrime conference last year by an FDLE officer (Florida Status 815.06 under the Florida Computer Crime Act of 1988). I was demonstrating that the hotel had several networks that were wide open (not initially realizing that he was a police officer), demonstrating that both businesses and individuals alike, were overly-trusting about their computer networks. Nonetheless, it was an interesting conference. So although -- at a federal level (within the United States) -- it may not be illegal to perform packet capturing on wireless networks, it *may* be at local or states (provincial) levels, such as the case with the State of Florida (http://www.clas.ufl.edu/docs/flcrimes/section2_1_1.html). I believe that there are several other states which have similar laws, which -- if caught -- carry a stiff penalty. California is one of 'em (see also: http://www.securityfocus.com/columnists/412). Hope this helps... -rad DISCLAIMER: I am NOT an attorney at law, nor do I represent any such organizations providing any legal advise; if you are unsure of your actions, please contact your local law enforcement office, regional FBI office, or an attorney. ----- Original Message ----- From: Morning Wood [mailto:se_cur_ity () hotmail com] To: pen-test () securityfocus com Subject: Re: Legality of WEP Cracking
The UK law is clear, I quote from the UK Computer Misuse Act 1990 (http://www.opsi.gov.uk/ACTS/acts1990/Ukpga_19900018_en_2.htm):from what I understand here in the US... "sniffing the air" is legal "connecting to an AP you do not have explicit permission" is illegal "possession of an access restriction device" eg: WEP key that you are not explicitly allowed permission is illegal capturing airborne packets "may" be legal, but the moment you begin to "try" to "crack" a WEP key, you would be entering access restriction device realm instantly. ( do not pass GO! ) , as well, simply connecting to your target AP is illegal from the get-go ( gimme your dice! ) but my understanding is only a perspective, which may or not be completely askew... M.W ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- Re: Legality of WEP Cracking, (continued)
- Re: Legality of WEP Cracking Paul Dickens (May 23)
- RE: Legality of WEP Cracking Richard Brinson (May 23)
- Re: Legality of WEP Cracking Nick Selby (May 27)
- Re: Legality of WEP Cracking Nicholas Chapel (May 23)
- RE: Legality of WEP Cracking Richard Brinson (May 23)
- Re: RE: Legality of WEP Cracking ebk_lists (May 18)
- RE: RE: Legality of WEP Cracking Erin Carroll (May 18)
- RE:Legality of WEP cracking scott (May 18)
- Re: Legality of WEP Cracking Matthew Webster (May 18)
- Re: Re: Legality of WEP Cracking cwright (May 18)
- Re: Legality of WEP Cracking Chris Travers (May 19)
- Re: Legality of WEP Cracking Bob Radvanovsky (May 19)
- Re: Legality of WEP Cracking Justin Ferguson (May 20)
- Re: Re: Legality of WEP Cracking Matthew Webster (May 19)
- Re: Re: Re: Legality of WEP Cracking ebk_lists (May 19)
- Re: Re: Re: Legality of WEP Cracking Justin Ferguson (May 20)
- Re: Legality of WEP Cracking cwright (May 20)
- Re: Legality of WEP Cracking Justin Ferguson (May 21)
- Re: Legality of WEP Cracking Larry Offley (May 21)
- Re: Legality of WEP Cracking Justin Ferguson (May 21)
- Re: Re: Legality of WEP Cracking ebk_lists (May 21)
- RE: Re: Legality of WEP Cracking John Babio (May 21)
(Thread continues...)
- Re: Legality of WEP Cracking Paul Dickens (May 23)