Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RE: Legality of WEP Cracking

From: ebk_lists () hotmail com
Date: 18 May 2007 19:00:02 -0000
It's a question of the laws of the country you are in, for sure. But overall I think that by actively cracking the wep 
or wpa or whatever encryption, you are treading on thin ice, if not breaking the law altogether. My brief google didn't 
reveal any specific examples, but based on what I already have learned about the law and how it applies (at least in 
the US), I would say that eavesdropping on UNENCRYPTED wireless communications is ok. By failing to use encryption, the 
people are, as you say, giving up their expectation of privacy. Especially given the fact that wireless communications 
are a bit ubiquitous due to their nature. 

However, the line gets drawn once they are using encryption. They have taken a step to provide a measure of privacy 
(even while using something as broken as wep) and by actively trying to surpass that, I think you may be in a bit of 
danger. Although I don't know for sure. Hopefully someone else can give us more legal reference.

Regardless, this is a bad idea and I would highly recommend NOT doing this for/against anyone that isn't paying you and 
has given you a sign "get out of jail" letter. You have rightly dismissed this one.
 

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: