Jump to content
mortagen

Free internet... what's stopping me or you other than morals?

Recommended Posts

Of course not. However, the locked door analogy is a false one. If you set up wireless security, then it will remain secured. It is not something you must "remember to lock". Indeed, these days when a wireless connection is enabled by default, and security must deliberately be turned off, it is fair to say it was the intention of the owner to make the network open.

No, it isn't. If the SSID is something like "free public internet" then sure, that would become a valid assumption. But just because someone has left their wireless network unlocked is no reason to assume they want you to use it. As MacDude said, I don't know that every router out there is secure by default. But even if that were true (and I doubt very much that it is), there are still many reasons why a network could be unsecured. Someone could have done it for testing purposes and forgot to put it back. They may have a device that will not connect to a secure network, for whatever reason. While I don't know of any malware that will disable a router's security, I'd be surprised if there wasn't something out there that would at least *try* to do it. If someone wants to open up a public wifi network, they will let you know one way or another. Simply having it unsecured, though, cannot be seen as an invitation -- and yes, the lcoked door analogy does work. If you forget to lock your door one day, is that an invitation for people to wander in and eat your food? If you disable wireless security for some reason and forget to put it back on, is that an invitation for people to connect to your network and use your data?

 

 

I remember something off a courtcase, but am unsure if it was even australian, that had a ruling based on what I'm saying.

Vague recollections of a court-case are pretty useless for a discussion like this, although I'd be interested in the details if you could find them. A ruling of "it was an unsecured network, therefore it was no crime to use it," though is never going to be as simple as just that. There will be other specific factors that speak to the legality of the act. Further to that though, the fact that something is legal does not, for me, imply that it is right (and yes, that does work the other way around).

Share this post


Link to post
Share on other sites

This is not the first time I've heard this claim, and people state it as if it is absolute fact, but is it true?

 

*snip*

 

When you think about it, the only way to have security turned on by default is if you list the security settings in the manual, then everyone would know it unless you changed it. Remember, we aren't talking about Atomic subscribers, we are talking about your average family.

 

So back to the statement that security is turned on by default, I have randomly picked 3 wireless routers that say otherwise (and yes, I downloaded the manual). Sure, they tell you how to set up security, but I'm sure folks will see their network working with the default settings and not want to tamper with it...Oh, and I completely agree, 3 routers is a tiny sample, but I was trying to understand where the fact that "security is on by default" comes from...

Fair enough. That is interesting. In my experience you normally get a warning before disabling security, or leaving it disabled. I would also state that if an old modem is being used, then the owner has a responsibility to secure their connection. There is little excuse in this day and age. I admit however that my statement does not necessarily apply at this point in time.

 

 

No, it isn't. If the SSID is something like "free public internet" then sure, that would become a valid assumption. But just because someone has left their wireless network unlocked is no reason to assume they want you to use it. As MacDude said, I don't know that every router out there is secure by default. But even if that were true (and I doubt very much that it is), there are still many reasons why a network could be unsecured. Someone could have done it for testing purposes and forgot to put it back. They may have a device that will not connect to a secure network, for whatever reason. While I don't know of any malware that will disable a router's security, I'd be surprised if there wasn't something out there that would at least *try* to do it. If someone wants to open up a public wifi network, they will let you know one way or another. Simply having it unsecured, though, cannot be seen as an invitation -- and yes, the locked door analogy does work. If you forget to lock your door one day, is that an invitation for people to wander in and eat your food? If you disable wireless security for some reason and forget to put it back on, is that an invitation for people to connect to your network and use your data?

Even if every router is not secure by default, which I concede, by and far the majority are, and certainly any modem purchased in the last few years. The reasons you give for why a network may have been left open are not convincing arguments. If you are connecting to an insecure network, you will generally be aware of this from the client software. If you choose to leave a network open for compatibility with a shitty device, then that is a conscious choice.

 

There is no malware I am aware of that is able to connect to a modem, and disable the security. There really would be little point in writing such a thing unless it was a specialized case.

 

Seeing an unsecured network, broadcasting to join..sorry, but yes, that is an invitation. The modem is acting on behalf of the people that set it up. If I ask for permission to join a network, and I my computer is assigned an IP address and access to a gateway, then I have been granted permission. The locked door analogy does not work, for the reasons I outlined above, which you failed to respond to. Repeating the point does not make it so. A more accurate analogy would be that an unsecured network is equivilant to a lawn lacking a no tresspassing sign, i.e. tresspassing wil not usually be able to be prosecuted, as opposed to a secured connection, which is equivilant to having a no tresspassing sign, where tresspassing can be prosecuted.

 

Here is an article I happen to agree with, which you may find interesting.

 

 

Vague recollections of a court-case are pretty useless for a discussion like this, although I'd be interested in the details if you could find them. A ruling of "it was an unsecured network, therefore it was no crime to use it," though is never going to be as simple as just that. There will be other specific factors that speak to the legality of the act. Further to that though, the fact that something is legal does not, for me, imply that it is right (and yes, that does work the other way around).

I agree completely. I was unable to find the case I remember, and was hoping I would later, or that someone else may have remembered it. The ruling was more along the lines that since the modem was broadcasting, and I think the pc connected automatically, then the defendant could not be persecuted for taking advantage of this. It seemed relevant.

Edited by TheSecret

Share this post


Link to post
Share on other sites

As for getting free internet my router logs all Mac addresses (Yes i know you change it in backtrack) aswell as all computer names, i would just forward it on to the appropriate authorities so they are aware of your bad little habbits. You will be surprised how many people crack a friend or neighbors network and dont change their computer name in windows.

 

Then you computer name will be saved in the routers logs, for example.

 

'Terry-smith-PC' Logged in on 16-03-2009 at 21:31.

 

Oh shit you know terry smith lives next door, lets go have a chat ;)

 

 

I have used backtrack 3 before to help me secure my OWN connection to a point where it is difficult for most 'Noobs' (i dont really like that term) to crack. But i will admit i have cracked a neighbors network to prove to a colleague the insecurity of WEP technology, as much as a dont condone it most people dont believe it until they see it. But if you show them on your own network they say 'Oh thats your own network you know the ins and outs which makes it easy!'. So sometimes cracking a neighbors network for a few minutes really makes the point quite substantial!

Share this post


Link to post
Share on other sites

Fair enough. That is interesting. In my experience you normally get a warning before disabling security, or leaving it disabled. I would also state that if an old modem is being used, then the owner has a responsibility to secure their connection. There is little excuse in this day and age. I admit however that my statement does not necessarily apply at this point in time.

This is what interests me. I don't think it was EVER true at any point in time, for new or old routers. The only way you would get a warning for disabling the security on a router where the default is disabled is to turn it on first, THEN disable it.

 

But, as I said my little survey is hardly conclusive. Can anyone find a SOHO type router that has security on by default?

 

 

Even if every router is not secure by default, which I concede, by and far the majority are, and certainly any modem purchased in the last few years.

WTF? I don't understand, you either concede the point or you don't. In my example I showed two current routers, so saying "the majority are, and any modem purchased in the last few years", is in contradiction.

 

I'm confused...

Edited by Mac Dude

Share this post


Link to post
Share on other sites

Fair enough. That is interesting. In my experience you normally get a warning before disabling security, or leaving it disabled. I would also state that if an old modem is being used, then the owner has a responsibility to secure their connection. There is little excuse in this day and age. I admit however that my statement does not necessarily apply at this point in time.

This is what interests me. I don't think it was EVER true at any point in time, for new or old routers. The only way you would get a warning for disabling the security on a router where the default is disabled is to turn it on first, THEN disable it.

 

But, as I said my little survey is hardly conclusive. Can anyone find a SOHO type router that has security on by default?

 

SpeedTouch modem do. As do FritzBox modems. Also the 2wire 2701HG.

 

Are you honestly saying you have never encountered a dsl modem with a WPA/WPA2key printed on the box that had to be entered?

 

I think it is kind of irrelivant anyway. Certainly the documentation should advise to enable security, and if they are connecting to change the default password, then there is no reason security cannot be enabled. If they have not bothered to even change the default password, then they are at fault.

 

 

WTF? I don't understand, you either concede the point or you don't. In my example I showed two current routers, so saying "the majority are, and any modem purchased in the last few years", is in contradiction.

 

I'm confused...

It's very confusing isn't it? The fact that I concede that not all modems are secured by default while maintaining the majority, especially ones purchased in the last few years are? How exactly is that in contradiction to your test case of 3 modems?

 

It might just blow your mind, but it is possible to concede one point, while maintaining other points.

Edited by TheSecret

Share this post


Link to post
Share on other sites

It's very confusing isn't it? The fact that I concede that not all modems are secured by default while maintaining the majority, especially ones purchased in the last few years are? How exactly is that in contradiction to your test case of 3 modems?

 

It might just blow your mind, but it is possible to concede one point, while maintaining other points.

It's confusing because 2 of the 3 devices I talked about ARE current devices, not ones purchased more than a few years ago, as you keep on saying. I pointed this out when I looked at the 3 devices.

 

Where there may be some confusion is that I've consistently been looking at routers, where you have been talking about modems. It may be that if people add wireless to an existing network through a wireless router then they get no security by default. I've only ever owned one ADSL modem with wireless and that also had security disabled, but that was a while ago.

 

interesting.

 

On the original moral question, I don't think people's lack of understanding of network security is an excuse, an invitation, to steal their bandwidth. I think some believe it's ok because they aren't stealing anything physical, but really that's a very lame excuse IMO.

Share this post


Link to post
Share on other sites

Seeing an unsecured network, broadcasting to join..sorry, but yes, that is an invitation. The modem is acting on behalf of the people that set it up. If I ask for permission to join a network, and I my computer is assigned an IP address and access to a gateway, then I have been granted permission.

 

I agree completely. I was unable to find the case I remember, and was hoping I would later, or that someone else may have remembered it. The ruling was more along the lines that since the modem was broadcasting, and I think the pc connected automatically, then the defendant could not be persecuted for taking advantage of this. It seemed relevant.

These two points seem to form the crux of your argument, as I see it, so I hope you don't mind if I limit my response to these two alone for the sake of brevity.

 

Leaving your network unsecured and broadcasting an SSID is, certainly, "silly". It will likely result in your network being used by others. However, I don't believe that a router can make an invitation. I don't think you do either. People make invitations - they offer to allow someone to use their network. I am not naive enough to think that a network in my area with the SSID of "NETGEAR" or "John's WiFi" or "Wireless Network" has been set up with the express intention of allowing the public to use that network. If someone leaves their door open, I don't think that's an invitation to enter their house. Or, since you don't like that analogy, if someone doesn't have a "no trespassing" sign in front of their house, I don't think that's an invitation for me to set up a picnic on their front lawn. In short: the absence of a deterrent cannot, imo, be properly interpreted as an invitation.

Now, questions of legality are another thing altogether. I would certainly hope that someone would not get into trouble if their mobile device just happened to connect to an available unsecured network. However, I would hope that that person *would* get into trouble if they used that network day after day, deliberately connecting to this open network and using it to download large files. In this way, intention very much comes into play (and I would hazard a guess that it came into play in that court case you half-remember). As a rule, people are a lot better at working out when someone is legitimately offering them something than they are at setting up and maintaining secure wireless networks, and I've never been one to subscribe to the philosophy of "grab everything you can before someone figures out a way to stop you."

Share this post


Link to post
Share on other sites

look at it this way.

 

Windows default setting is to automatically connect to unsecured wireless networks.

 

I had set my housemate's computer to connect to my secured wireless network by default.

 

One day he moved his computer, and plugged the wireless USB dongle into another USB port, without realising. This caused Windows to detect it as a new device with no settings. After a few days, he realised he was using the internet without turning my modem on, when I checked it, it was connecting to a neighbour's unsecured access point instead.

 

so there are issues with Windows as well as routers/access points in default configurations (Probably OS X too, seeing as it's designed with ease in mind as well)

Share this post


Link to post
Share on other sites

SpeedTouch modem do. As do FritzBox modems. Also the 2wire 2701HG.

All the Bigpond supplied modems seem to come secured with a little card with the access key on them, so it is reasonable to assume that some other ISPs might do the same, but this is done by the ISP when they set up your modem so it is plug and go.

All the shop bought modems I have bought (several TP-Links, Billions and Netcomms) all came with security off. However the Billion did come with the wireless also turned off. The Netcomm and TP-links all came with wireless enabled.

That's been my experience anyway, again not a massive sample but across 3 different brands.

Share this post


Link to post
Share on other sites

Leaving your network unsecured and broadcasting an SSID is, certainly, "silly". It will likely result in your network being used by others. However, I don't believe that a router can make an invitation. I don't think you do either. People make invitations - they offer to allow someone to use their network. I am not naive enough to think that a network in my area with the SSID of "NETGEAR" or "John's WiFi" or "Wireless Network" has been set up with the express intention of allowing the public to use that network. If someone leaves their door open, I don't think that's an invitation to enter their house. Or, since you don't like that analogy, if someone doesn't have a "no trespassing" sign in front of their house, I don't think that's an invitation for me to set up a picnic on their front lawn. In short: the absence of a deterrent cannot, imo, be properly interpreted as an invitation.

I agree that legality is not what is important in this discussion, and that intention certainly does matter.

 

We strongly disagree however regarding implied invitations. I'm not going to connect to someones network to consume bandwidth or do anything dodgy etc, I have a fine internet connection at home. If I was in a different neighbourhood and needed some directions from google maps or something, then I might. In a neighbourhood of 20 connections and only one is unsecured, then I would take that as an invitation to join. As others have pointed out, Windows can be set to connect automatically, to something that is braodcasting into my space. Stealing wifi is like saying you stole a tv show because you tuned in. This is the reason a locked door analogy fails. A house does not broadcast its status and details, and initiate a connection attempt when asked. In short: It is fair to assume that a deliberately unsecured wifi network broadcasting within range can be connected to.

Share this post


Link to post
Share on other sites

Stealing wifi is like saying you stole a tv show because you tuned in.

What a load of bollocks.

Share this post


Link to post
Share on other sites

Stealing wifi is like saying you stole a tv show because you tuned in.

What a load of bollocks.

 

This.

 

I mean, really...

 

What it comes down to, in all simplicity and without these ridiculous analogies, is this: I'm intelligent enough to distinguish between an unsecured wireless network and an open public network. I don't need to try to convince myself that someone wants me to use their network just because they don't have security enabled -- I realise that people, in general, are stupid and that mistakes happen. I'm going to be generous and say that, evidence notwithstanding, you're intelligent enough to make the distinction too. Whether you can go that one step further and separate "can" from "should"... well, that's entirely on your say-so.

Share this post


Link to post
Share on other sites

What it comes down to, in all simplicity and without these ridiculous analogies, is this: I'm intelligent enough to distinguish between an unsecured wireless network and an open public network. I don't need to try to convince myself that someone wants me to use their network just because they don't have security enabled -- I realise that people, in general, are stupid and that mistakes happen. I'm going to be generous and say that, evidence notwithstanding, you're intelligent enough to make the distinction too. Whether you can go that one step further and separate "can" from "should"... well, that's entirely on your say-so.

If you're going to insult me, then I would rather you do it in the open, and at least have the decency to address the points I made. The fact is people are stupid, and mistakes do happen. But there is very little excuse for an unsecured wifi network in todays day and age. If I seen an open wifi connection, then I will assume that it was left open deliberately, or at the least due to fulfill ignorance, and will make use of that. The distinction that must be made is not one of whether or not an open network was due to a mistake, but rather if it is wrong to use an a network that was deliberately left open or not.

Share this post


Link to post
Share on other sites

Most house windows come in a locked positions.

 

It doesnt mean that leaving your window open gives people the right to come into your house and steal things.

 

Sure it might make it understandable if they do, but certainly not legal.

 

Rob.

Share this post


Link to post
Share on other sites

Most house windows come in a locked positions.

 

It doesnt mean that leaving your window open gives people the right to come into your house and steal things.

 

Sure it might make it understandable if they do, but certainly not legal.

 

Rob.

What about items left in a deliberately unlocked cabinet on the sidewalk outside a house?

Share this post


Link to post
Share on other sites

so, lets get one thing clear

 

do you or do you not believe, that taking something from someone, that they rightfully own, and in doing so depriving them of that thing, irregardless of it being tied down, do you believe that that is an ok think to do?

 

its a simple binary question, yes or no.

 

if you do think that's ok, then i sincerely hope that someone relieves you of all of your belongings, every last one.

Share this post


Link to post
Share on other sites

so, lets get one thing clear

 

do you or do you not believe, that taking something from someone, that they rightfully own, and in doing so depriving them of that thing, irregardless of it being tied down, do you believe that that is an ok think to do?

 

its a simple binary question, yes or no.

 

if you do think that's ok, then i sincerely hope that someone relieves you of all of your belongings, every last one.

It's a simple binary question that is in no way relevant. My answer is no.

 

 

What exactly would I be depriving a person who made their wifi available of? Perhaps bandwidth, in which case they should have had it secured, and will learn after their first expereince of someone using up their limit. (Disclaimer, I would not ever connect to an open wifi network to take advantage of bandwidth or free internet, only if I felt it was necessary as I explained above.)

Share this post


Link to post
Share on other sites

i own 4 3.4ghz 30db patch antenna's like that one + a few more, You do not want to be standing near it when it is transmitting.. you might kill thousands of little lives :P.

 

You will have to put a wireless client thingy there, in a weatherproof box + heat sink because summer it will get hot, then cat 5 it down to where ever, allot better then buying Heliax (coax) thick enough to cope with the loss, and ur looking at $30 per meter + connections that are about $150-200 each..

 

 

Oh and hacking is bad.. not recommended.

Edited by eat_the_flag

Share this post


Link to post
Share on other sites

EDIT @ EAT THE FLAG:

You need to make sure you have a network surge protector for storms, and use CAT6 not CAT5, just for the sake of shielding.

END EDIT.

------------------------------------------------------------------------------------------------------------

 

as an avid wardriver, I agree in theory.

 

But i dont steal someones internet 24\7, if its unprotected and im driving past, some NON DESTRUCTIVE fun\snooping (eg. hacking not cracking) is OK in my eyes, hell my network is unsecured, come one come all. wireless is in a DMZ though, so its not going anywhere.

 

If australia ever gets an 'unlimited' plan, i'll be putting ona big antenna and letting the local area use my internet. with a 'terma of use' login page of course in case cops show up for evil things i didnt do. I know it doesnt ocver me by law, but if it went to court it'd certainly help.

 

rather than focusing on the internet side, i like wardriving for the sake of printing 'you should secure your wireless' and stuff like that, copying their video files and open source software, because no one has illegal files on their network, lol.

 

copying data is not theft despite what the media wants you to believe, no one is without the data, thusly no one is at a loss. If you use their monthly data allowance, that IS theft because they do without that much data for that month. they lose something. The only time ive used someone randoms internet was to upload an assignment, chatting on MSN (about 1mb an hour max of use), or for WHEREIS.com while ive been lost.

 

Its not so much MORALS that stop me, even though im a layer of morals wraped in morals with a moral filling, lol, its more respect for my fellow geek, I dont mind people using my net if they need to, or if they want 100mb of my monthyl data, go for it. But i dont want them taking EVERYTHING i pay for.

Do unto others etc.

 

Thats my view.

Edited by Master_Scythe

Share this post


Link to post
Share on other sites

In some countries, ISPs provide a wireless access point that has two SSIDs, a local secured one for the resident, and another for the ISP's wireless network. this means that anyone with an account for that ISP can connect to this network, without interfering with the local account. They may charge a fee for roaming, or it may be a free thing.

 

Some ISPs run the second SSID totally open and separate from the local one for anyone to connect to.

 

This would be a great system.

Share this post


Link to post
Share on other sites

EDIT @ EAT THE FLAG:

You need to make sure you have a network surge protector for storms, and use CAT6 not CAT5, just for the sake of shielding.

END EDIT.

<Derail>

 

Cat6 does not = shielded. You can get shielded Cat5, and the majority of Cat6 cable is unshielded.

 

Plain old blue network cabling is Cat5 UTP (Unsheilded Twisted Pair), which also comes in Cat6 flavour: Cat6 UTP.

 

Most places won't stock Cat5 or Cat6 STP (Sheilded Twisted Pair), because few bother with it. Its main benefit is that you can't passively capture packets from a shielded cable, not that it is more/less reliable than UTP. STP is also more difficult to install and work with, further rendering its benefits less worthwhile.

 

</Derail>

Share this post


Link to post
Share on other sites

The fact is people are stupid, and mistakes do happen. But there is very little excuse for an unsecured wifi network in todays day and age. If I seen an open wifi connection, then I will assume that it was left open deliberately, or at the least due to fulfill ignorance, and will make use of that. The distinction that must be made is not one of whether or not an open network was due to a mistake, but rather if it is wrong to use an a network that was deliberately left open or not.

I'm with this guy.

 

For the past twenty or so years I've been sending out letters (and more recently, e-mails) to random individuals claiming to be the rightful heir to the throne of Uzfukistan, requesting assistance in transferring the sum of 30 MebiDollars (30*2^20 dollars) from the account of my late father who was impaled by a donkey in an unfortunate "farming accident".

 

I've swindled ignorant bastards out of millions so far. Due to their deliberate ignorance and stupidity, they have effectively invited me to take their funds and sometimes their kidneys... the authorities will never have a case against me. It's watertight! (unlike my targets)

Share this post


Link to post
Share on other sites

really? i thought the shielding helped prevent interference from gwtting INTO the cable as well as out from.

You're right, but the benefits in that regard aren't worth the added expense, hassle, and er, expense of running STP. Which is why like 99.99% of consumer and commercial copper networking is UTP.

 

The twisted pairs are designed to keep RFI out without any additional material to keep manufacture costs down and pliability up, that's the whole point of it.

Edited by SquallStrife

Share this post


Link to post
Share on other sites

I'm with this guy.

 

For the past twenty or so years I've been sending out letters (and more recently, e-mails) to random individuals claiming to be the rightful heir to the throne of Uzfukistan, requesting assistance in transferring the sum of 30 MebiDollars (30*2^20 dollars) from the account of my late father who was impaled by a donkey in an unfortunate "farming accident".

 

I've swindled ignorant bastards out of millions so far. Due to their deliberate ignorance and stupidity, they have effectively invited me to take their funds and sometimes their kidneys... the authorities will never have a case against me. It's watertight! (unlike my targets)

 

Actually, I am pretty sure that if you *give* money away to those scams, then you're not protected, and the scammer can only be persecuted for things like fraud. So yes, it is deliberate ignorance and stupidity, although I don't think your analogy quite fits.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×