Politech mailing list archives

Previous By Date Next
Previous By Thread Next

FC: More on FBI advisory on 802.11-spotting "wardriving"

From: Declan McCullagh <declan () well com>
Date: Wed, 14 Aug 2002 01:00:01 -0400
I heard back from the FBI's Bill Shore, who wrote the advisory (http://www.politechbot.com/p-03884.html). He said that "Theft of services is not a federal violation per se. Check my comments a little more closely." Perhaps he means that it could be a violation of state law? (A quick skim of state laws shows that they often use language like accessing a resource to which you're not "entitled.")
See also Pennsylvania criminal law (http://members.aol.com/StatutesP7/18PA910.html). A quick read suggests that it bans the possession of a "telecommunication device" that can receive or transmit in any manner, including on a wireless network, "without the consent of the telecommunication service provider." Any criminal lawyers want to think this through? (The definition includes computer software, BTW.)
Bill also said that his message forwarded to Politech was "just a release I made to the Pittsburgh InfraGard Chapter, so it is not really an FBI Warning, advisory, or anything like that from NIPC. I just thought it would be relevant and interesting to our local chapter." 

Also, from a few weeks ago:

"Notes on federal indictment for 'war dialing' offense"
http://www.politechbot.com/p-03827.html

-Declan

---

Date: Tue, 13 Aug 2002 13:54:36 -0500 (CDT)
From: "Robert A. Hayden" <rhayden () geek net>
To: Declan McCullagh <declan () well com>
Subject: Re: FC: FBI releases advisory about 802.11-spotting "wardriving"

The only concern about this is that this is a case of using a hammer
(federal law) to solve a problem that could be fixed with a tiny
screwdriver (ie, enabling even minimal security on the access point).

Of course, given the state of things this past year, this is hardly
surprising.

---

Date: Tue, 13 Aug 2002 14:07:13 -0700
From: Tim Pozar <pozar () lns com>
To: billshore () fbi gov, declan () well com
Subject: Re: FC: FBI releases advisory about 802.11-spotting "wardriving"

Always our (BAWUG) and Peter Shipley's claim too.  If you sniff the
ether and identify a network being out there that is one thing.  If
you start to use the network then you are stealing service.  This
comes to one of the problems we are trying to work out.  When is
an unencrypted AP an "open-AP"?  Can you just have "OPEN_AP" as an
SSID?

Tim

---

Date: Tue, 13 Aug 2002 20:13:33 -0600
To: Declan McCullagh <declan () well com>
From: "Richard Johnson" <rdump () river com>
Subject: Re: FC: FBI releases advisory about 802.11-spotting "wardriving"
Cc: rdump () river com, billshore () fbi gov
Content-Type: text/plain; charset="us-ascii"

At 15:18 -0400 on 13/08/2002, Declan McCullagh wrote:
> This letter is from last month but we haven't covered it on Politech
> before. Read it carefully: The FBI claims that using an open 802.11
> access point without explicit authorization may be a federal crime
> ("theft of services").


I dusted off and updated my reasonability and open wireless access page
using Agent Shore's letter to focus it.  Good inspiration, that letter. :-)
Link is below.


Richard

-------

Reasonability and Open Wireless Network Access

13 August 2002

Recently, Declan McCullagh's Politech list brought to my attention a letter
from Special Agent Bill Shore (local copy with clickable URLs),
FBI-Pittsburgh. In the letter, Agent Shore references some information from
CERT regarding restricting access to wireless networks intended to be
private. However, he also states that there may be criminal violations
occuring if an open wireless network is actually used, rather than just
having its beacon noted in passing. I believe that is a troubling, even
dangerous, misinterpretation. It ignores the intent behind open wireless
networking, and fails the test of reasonableness.

I feel Agent Shore's letter deserves an answer from someone whose hobby and
job both involve providing open and securely private 802.11b wireless
access. ...

http://www.river.com/users/rdump/community-wireless/reasonability.html

---

From: Scott Ullrich <sullrich () CRE8 COM>
To: "'declan () well com'" <declan () well com>
Subject: RE: FBI releases advisory about 802.11-spotting "wardriving"
Date: Tue, 13 Aug 2002 17:39:06 -0400

Declan,
Please dont post my name but I didnt gather this from the document at all. It is simply stating that there are people driving around "WarChalking" available wireless networks. The document goes on to describe that "WarDriving" is not illegal but accessing their system after discovering it _may be_. 

This all seems pretty straight forward to me.

QUOTE: "Identifying the presence of a wireless network may not be a
criminal violation, however, there may be criminal violations if the
network is actually accessed including theft of services, interception
of communications, misuse of computing resources, up to and including
violations of the Federal Computer Fraud and Abuse Statute, Theft of
Trade Secrets, and other federal violations."
This is pretty straight forward, saying that after a network is disocvered, if someone actually uses it, they may be breaking a law. This is true on one hand, but on the other, people should not be nailing up wireless networks that are not properly secured using VPN's. Note: WEP is breakable very quickly with a package known as Air-Snort. 

Thanks,

Scott Ullrich
Networking/System Administrator.

---

Date: Tue, 13 Aug 2002 18:38:59 -0400 (EDT)
From: rjh () theworld com
Reply-To: rjh () theworld com
Subject: Re: FC: FBI releases advisory about 802.11-spotting "wardriving"
To: declan () well com
cc: politech () politechbot com, billshore () fbi gov

On 13 Aug, Declan McCullagh wrote:
> This letter is from last month but we haven't covered it on Politech
> before. Read it carefully: The FBI claims that using an open 802.11
> access point without explicit authorization may be a federal crime
> ("theft of services").
>

Will they do the same for unauthorized use of my DSL link to send spam?
What if I add an 802.11 link?  It would be well worth the extra cost if
that made spam a federal crime.

More seriously, I think they are right as long as you take a reasonable
view of authorization.  I know that I have one relative who thinks
public use of his wireless LAN is perfectly OK.  I have another who is
scrupulous about using 128-bit WEP, regular password changing,
authorized MAC addresses only and encrypted applications.  As long as
law enforcement respected both their different attitudes I would have no
problem with considering unauthorized use a crime.

R Horn

---

Date: Tue, 13 Aug 2002 20:24:28 -0700 (PDT)
From: Eric Johanson <ericj () cubesearch com>
To: Declan McCullagh <declan () well com>
Cc: Todd Boyle <tboyle () rosehill net>,
   "Christopher K. Neitzert" <chris () neitzert com>, <billshore () fbi gov>
Subject: Re: [BAWUG] FC: FBI releases advisory about 802.11-spotting
 "wardriving" (fwd)

Bah, this Bill Shore fellow is just alarmist, and is making up his own
laws.

It looks like a typical scare tactic by some feeb underling looking for
press.  It was, however, good that he pointed out that folks should secure
their networks.


Here is some background:

An OPEN access point with no WEP functions as follows:

The AP will beacon it's ESSID, many times a second. (shouting out: I'm
right here!)

If I open my notebook, it sends a 'anybody out there' request on the
airwaves.

The AP responds, and sends the ESSID (network name) to the client

The client sends a association request

The AP responds with an ACK

The client asks for an IP address

The AP responds back with an IP, dns servers, and a GATEWAY ADDRESS TO THE
INTERNET.



If you ask me, that's clearly an invitation.  It's not trespass if you
get invited in.   While he is correct in pointing out that 'stealing data
is unlawful', it's worded in a vague sense..  But using an internet
service that was offered to you is not 'stealing data'.  If I then hacked
into their computer system, or otherwise broke the law while using this
internet connection, then it's unlawful.

It really is just as simple as 'locking the door'.  While WEP is proven to
have security issues, so does the deadbolt on my front door.  Somebody
could break in, but it makes it VERY clear that you are not welcome.

-Eric

---




-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Declan McCullagh's photographs are at http://www.mccullagh.org/
-------------------------------------------------------------------------
Like Politech? Make a donation here: http://www.politechbot.com/donate/
Recent CNET News.com articles: http://news.search.com/search?q=declan
CNET Radio 9:40 am ET weekdays: http://cnet.com/broadband/0-7227152.html
-------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: