Penetration Testing mailing list archives
Re: Legality of WEP Cracking
From: "Justin Ferguson" <jnferguson () gmail com>
Date: Sun, 20 May 2007 18:02:13 -0400
> How about this scenario. > > I am sitting in a Starbuck$ and am connected to the T-Mobile Wireless > service. > I start Wireshark and capture all the packets I am seeing from the WAP. > Is this legal or illegal?
Here is a counter-scenario, You're sitting in a Starbucks with a device that can monitor cell phone communications, and begin to see all of the cellphone communications in the area. Is this legal or illegal? How is your situation different? The only real difference I see is in your hardware, in one you've had to obtain and most likely modify some device to monitor the cell usage, in the other you've used off-the-shelf consumer grade electronics without any real modifications to it, aside from the software (which may be argued as being the same as the modifications you made to the hardware for the cell monitoring), however I don't believe a judge/et cetera will be overly sympathetic simply because you had to work less to do it.
1) Legal, because your wifi card has already captured the packets regardless of whether you're using software to save/process/display them. This applies to all wifi transmissions, encrypted or otherwise. It's the firmware/drivers/software that decide what happens to traffic that you have already intercepted whether you intended to or not. If you think about it, wifi networks couldn't work without this 'receive all frames/traffic by default' behaviour!
This is probably one of the larger reasons I've not gone into law, it's not quite as 'binary' as computers, I've had numerous debates with a former co-worker on subjects along these lines (hi tom). To take it a bit further though, let's step past this first step where you're NIC receive the packet not destined for it and go on to step 2, what is done with that frame once its been received? Under normal circumstances it would be dropped, under your circumstances you would take it and display it/log it/whatever, and that is most likely where the transgression occurs, I think arguing a defense like this would most likely fail. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- RE: Legality of WEP Cracking, (continued)
- RE: Legality of WEP Cracking Shenk, Jerry A (May 18)
- Re: Legality of WEP Cracking crazy frog crazy frog (May 18)
- Re: Legality of WEP Cracking Tim Shea (May 18)
- RE: Legality of WEP Cracking Richard Brinson (May 18)
- Re: Legality of WEP Cracking crazy frog crazy frog (May 19)
- Re: Legality of WEP Cracking crazy frog crazy frog (May 18)
- RE: Legality of WEP Cracking Shenk, Jerry A (May 18)
- Re: Legality of WEP Cracking Morning Wood (May 18)
- Re: Legality of WEP Cracking DaKahuna (May 19)
- Re: Legality of WEP Cracking Carl Livitt (May 20)
- Re: Legality of WEP Cracking Justin Ferguson (May 21)
- RE: Legality of WEP Cracking Richard Brinson (May 23)
- Re: Legality of WEP Cracking Nick Selby (May 27)
- Re: Legality of WEP Cracking Nicholas Chapel (May 23)
- RE: RE: Legality of WEP Cracking Erin Carroll (May 18)