Stealing WiFi…

I was listening to episode 59 of TWiT and they got into a discussion on open public wifi. They didn’t go into much detail on if it’s right or wrong to use an open wifi network. Leo made his stance known that he thinks if the network is open it’s not stealing to use it.

I was listening, while jogging, so I had the time to over-consider the concept and I’ve made my decision. Using an open wifi network IS STEALING. I’ve got many points backing up my logic. First, somebody is paying for that service. Did you get permission to use it? If not, then you have no right to use it. The person/business that has left the signal open might not mind you using the network access, but without asking you’re just stealing.

Another thought I had was the idea that you have “stumbled across” the free wifi. Kind of just found it in the street, if you will. And if you think of other things, that people own or have paid for, and might leave in the street how would you feel about picking them up/using them/taking them. If you find a car unlocked in the street can you just use it/borrow it without asking? What if you find a wallet in the street? Is it yours to take and have what’s in it? Probably not, with the wallet. You’d most likely try to contact whoever the wallet belongs to and return it.

Anyhow, I’m not saying that I haven’t and don’t use open public wifi when I stumble across it, without getting permission first. I’m just saying the logic that, “hey, they should have secured it, they should lock it down,” isn’t probably good enough to use the connectivity. I’m guessing the lawmakers will take a stance on this and it will make the topic even more interesting.

This Post Has 15 Comments

  1. pete

    hmmmm… i think that it so easy to add a WEP key to your network, that anyone that doesn’t add one is inherantly granting permission for public access. i feel no guilt about using open wifi connections

  2. Erik Weibust

    If I leave my front door open or unlocked does that mean you can come in and use my TV, shower, or other appliance/service?

    Erik

  3. Mark

    From a Christian point of view, using someone’s else’s stuff without their permission is wrong. To what level, is where I think the grey area kicks in.

    (Debate mode on)
    I believe your open front door analogy is incorrect. The person may aquire and use your bandwidth without him ever setting foot on your property. What’s worse is they may be on public land while using it so I don’t think trespassing has anything to do with it. Adding to that, the owner of the signal could be on another street.

    I also think the car and wallet fail but on another level. A car has a unique VIN number, registration and a CERTAIN key to use it. A wallet has some of the same identifying details as a car. It has your license, photo id so anyone who picks it up will quickly know this wallet or car is owned by someone. Both are tangeble property. Wifi is not. A WEP router left at it’s default SSID is no one’s. I equate it to leaving money on the side walk. The person who finds it has no way of knowing who dropped it, where it came from or who’s it is. Most people will make an attempt to reconnect the money with the owner if the value is high enough. To prove my point how many quarters have you just kept upon finding?

    If you stumble across wifi, you have no idea who’s it is and, you have no way of quickly determining if it’s meant to be an open access point or just someone who has no clue; meaning they don’t mean to share it.

    My last point is usage amounts. Let’s say you find a wifi spot at 1pm. Once on you quickly figure out you are the only one on. As long as you use that point for legal purposes and in a minimal fashion, how are you effecting the owner? You’re not. There is no loss to the owner what’s so ever. He’s paid his monthly fee and if all you do is jump on to check your mail nothing changes. Meaning you see a quarter, you pick it upthe owner, you make no attempt to find it’s owner, and you just keep going.

    That’s why I think it comes down to usage. If you d/l via bit torrent something illegal or spend all day using up gig bytes of bandwadth, you’re an idiot and deserve to be nailed. But if you’re just some guy who downloaded 10Kbs of email and then left, I don’t see the problem.

    BTW, given how easy it is to jump onto the wrong network (http://falconportal.com/family/blog_main.php?blog_id=380)
    I agree that something needs to be done.

  4. pete

    i would not hesitate to use your shower either…lock your door! 🙂

  5. Erik Weibust

    Pete,

    Use my shower, TV, toothbrush, and anything else in the house. If my door had a keypad to unlock you’d already know the code. 🙂

    Erik

  6. Erik Weibust

    Mark,

    Great, well-thought-out comment. If only I aggreed. 🙂 Just kidding.

    Your point on money being on the street vs left in a wallet was great.

    My problem is this. Think about it this way. Somebody is paying for the internet service that you are using for free. They may or may not want you using it. How about you think about it this way… My wife bakes an apple pie and sets it on the window sill. The window is open and the wonderful smell goes out the window into a public park behind my house. Just because you smell the pie doesn’t mean you can have a bite. Just because you can smell a wifi signal doesn’t mean you can use it, even if it “leaks” into a public place.

    Erik

  7. Josiah Ritchie

    How am I, as a friendly neighbor, supposed to tell people wandering through my neighborhood that they are welcome to use my network? It seems to me that the best way to do this is to set the SSID as your street address and then leave it open. Many don’t think to add the street address, but are plenty comfortable with others using it, accepting the potential associated risk. Again, how do I know the difference. It seems that availability communicates something.

    Those who seriously care one way or the other, “lock the door”. Those who don’t mind you stopping by and using their shower can not very well connect it up on the curb. There isn’t much demand for that sort of thing anyway.

    Further, there are very few who pay a variable fee for Internet access. Most pay a set fee per month. Your water is paid for according to use. Is it stealing something that wouldn’t be used anyway? Perhaps in American culture, but not in all cultures. Take the Native American view of the land (at least some tribes, I don’t claim to be an American Indian student). The land was community property. Consider communities that provide Internet access to the entire community. The most famous is probably Google & San Francisco. Google pays, everyone benefits. In other communities it is provided through tax payers.

    Anyway, my point, is that this is a service unlike others we are used to in the residential areas. The closest comparable thing I can think of that is common in homes are 2-way radios or wireless telephone. If I was using a 2-way radio on an open channel (un-encrypted), I wouldn’t have any legal recourse if someone listened in and talked on the same channel. They are free to do it under FCC laws and whatever. Wireless is a set of radios talking with each other in the same way. If you don’t want someone butting in you encrypt it somehow. That’s what wireless phones do, out of the box.

    I think the real argument is whether AP providers should require configuration (or some sort of intentional disregard) of encryption before it would operate. Cisco already does this on their devices. I think it reasonable to expect home owners to do this. If they can’t manage it, they probably shouldn’t be operating a WAP anyway (for their own protection). Ignorance is no argument, the home owner is still responsible.

    Therefore, I use wifi when it’s open in a responsible manner respecting the provider’s network by not using heavy bandwidth sort of programs or surfing irresponsibly. I assume that someone setting up a network will encrypt it if they want to in the same way I expect them to encrypt their phone and 2-way radio conversations. If they have made any attempt, however feeble, I stay off.

    OK, I’ve developed that argument a bit more than I intended. 🙂

  8. Mark

    Erik – Thanks. Regarding your pie theory (for some strange reason I am now hungry) and I hate to keep bring this up but, the pie is a object sitting on your property which is protected by law. The smell how ever is the thing that is very much like wifi. If your wife only wanted you to take in the aroma, she should close the windows, etc etc to make sure none of the smell drifted outside. By placing that pie where anyone could smell it, even if your wife only wants you to enjoy the smell, would allow anyone to enjoy it. I hope that makes sense.

    JR – “I think it reasonable to expect home owners to do this. If they can’t manage it, they probably shouldn’t be operating a WAP anyway (for their own protection). Ignorance is no argument, the home owner is still responsible.”

    Major OEMs do not think about their customers that way. Having dealt with Dell, Sony, IBM, Toshiba (just to name a few) they did everything in their power to shield them from any form of tech. Think about, syncing a pda required the push of one button. IPod syncing (from what I’ve been told) is completely automated to once again keep the customer totally dependent upon the OEM’s slick interface to get the job done. Heck Apple has built it’s entire business around shielding it’s customers from the technical end of things. And we can’t forget the ISP’s who ship out their routers with wifi WEP enabled in an effort to keep support calls down.

    I guess what I am trying to say is I disagree. (sorry) 😉

  9. Josiah Ritchie

    Mark, don’t be sorry. What exactly do you disagree with? My point was that the owner of the WAP should be responsible for it’s security. You seemed to state the same thing in your response to Erik’s pie analogy.

    What I think you disagree with is that the OEM should set it up so that it must be configured by the end user. I agree that it is highly unlikely to happen. This sort of thing would give them a reputation for being difficult to install and therefore not a mainstream device. I don’t think this really negates any of my points as that wasn’t meant to be supportive, just a side discussion. It’s just something I’d like to see, but agree that it isn’t likely to ever happen since it would make it a bit harder to use.

  10. Mark

    JR – I should have been more clear.

    While I agree in the geek world that everyone should be responsible for the security of their WAP, it will never happen given the technical aspect of the process being what it is.

    Think about it, how many people when just running into the store leave their car windows open, doors unlocked or better yet, leave the car running?
    How many people shut and lock every window in the house when they leave? Some have alarms, some don’t, and some have alarms and don’t even use them.

    At my last job we got hit with the Iloveyou virus/ bug thing. It was later tracked down to a secratary who openly admitted to opening everything that was sent to her. The IT crowd gave her the benefit of the doubt and everything was dropped. 6months later she did the same exact thing. Once again she was “talked-to” and the result was fascinating. She was the Secr to one of the big boys in the company. 15 years, perfect record, great reviews, etc etc. She told the IT department with the backing of her boss that deciding which email to open or not open was not her job, it was the IT’s job. Her job was to read and properly deal with all emails ASAP because any delay would cost the company money.

    The result, they wrote some script thing to have all her email held for 1/2hr so it could be filtered before it even got to her on top of all the virus protection the company already had running. Also, anything she sent out was once again delayed (for further filtering). Her boss later opened a ticket with the IT dept that her email was slow. 😉

  11. Erik Weibust

    Hey Josiah and Mark… Are ya’ll stealling my blog space for some two-communication? 🙂 Just kidding! I love that I wrote something that actually generated some thought provoking comments.

    Mark, great story on the secretary.

    One more thing by me…

    If a company pays for and sets up a wifi network. They have not posted in a publicly viewable space that the service is free for all people. You use the service. They get your MAC address from the router, call the police, and have you arrested for stealing. What do you think? The company paid for the internet connection and never said you could use the bandwith. You use it without asking. It’s a touchy subject, but I’m not sure what happens.

    Erik

  12. Josiah Ritchie

    Erik, I think that all this still has to walk through the court system. Legally the issue is terribly unclear. Once it is ruled on, these discussions will become less important. 🙂

    Currently the closest is with other types of radio waves and that’s where I get my argument.

    Mark, that’s a great story. In my mind, it illustrates the need for people to be held responsible. In the story, the IT department decided that the company (or the dept.) would be held responsible for the actions of the employee so they came up with a method to cope with the risk. The entity resolved the problems of the entity, more or less. In a private home, the person is the entity. They are responsible for their use of this technology. Where they are protected from these concerns at work, they are no longer protected at home and must protect themselves.

    This is the same way financials work. At work, I buy something and send the invoice to the business office who pays (or not) the bill and handles haggling over things like out tax-exempt status, decides whether the company is going to pay with credit or out of money in a bank account, etc. When I go home, My wife and I have to make all those decisions when we pay the rent or electric bill.

    In this situation, the company must be viewed as a whole, not an individual person or the story doesn’t apply. The company is responsible for their actions. That’s why I take advantage of opportunities of making my users a little more technologically literate. I’m glad to take the opportunity to explain things in great detail if someone actually wants to know. The whole company is the same as the person at home.

    Really, this comes down to a problem in our society entirely void of technological elements. In our society an individual is generally a victim of their environment instead of responsible for their own actions.

    On most consumer WAPs, it is as easy to setup encryption as getting an account on the New York Times to read their latest news. It’s a little confusing at first, but if you really want to, all you need to do is read the directions to figure it out. Then it’s just an issue of getting your computer to connect, this is equally as easy, if not more so. Why should people not be held responsible for this?

    Thanks for the discussion guys. 🙂

  13. Mark

    Erik: Your example companies IT guy should be fired for running a WAP without any form of protection. 😉

  14. Erik Weibust

    Ok, guys. This was GREAT! I’m still in the camp that it’s not right to ever use the wifi service w/o permission, but you’ve made great points.

    Also, this post easy wins for most “commented on” post on my blog. Good stuff!

    Erik

Comments are closed.