MD Bill Would Criminalize Theft of Wireless Access

Pickens writes "A bill presented by Delegate LeRoy E. Myers Jr. to the Maryland House of Delegates would criminalize purposely surfing the Internet on someone else's wireless connection. The bill would make intentional unauthorized access to another person's computer, network, database, or software a misdemeanor with a penalty up to three years imprisonment and a fine of up to $1,000. The Maryland public defender's office has submitted written testimony opposing the specific ban and penalty suggested in Myers' bill. Noting that wireless connections are becoming common in neighborhoods, the written testimony says: 'A more effective way to prevent unauthorized access would be for owners to secure their wireless networks with assistance where necessary from Internet service providers or vendors.'"

abra-ca-de-ridiculous!

[PC and Sony Fanboy]

Yeah, and I suppose that sitting in someone else's light, or perhaps walking on their lawn should be criminalized too?

Yes, we pay for the internet, but if you don't secure your network, and the pedestrian use doesn't impair your surfing experience... no harm, no foul. At least, thats what I think - but I'm still not running the world *sigh*

Stupid rednecks!

[tjstork]

It's funny, because, the most pre-eminent security guy in the USA, Bruce Schneir, who wrote THE book on cryptography, actually leaves his home WAP open so that people can squat on it. He thinks that if we all had our own open WAPS, we could all sorta squat on each other's wans, be much more effective as a society overall. Really, what this law is is an attempt to criminalize a culture of sharing.

Yeesh

[InvisblePinkUnicorn]

Given how silently Windows is able to connect to a wireless network, I don't see how this law would last. Computer novices with brand new laptops will just turn them on and start surfing the net without having a clue about what an ISP is, how the internet work, or even how they are connecting to the internet. They know there is this thing called the "internet" and that when they click on the big blue "e", they are accessing the internet. Where do you draw the line between the innocent bystander and the criminal?

i agree with the public defender

[suck_burners_rice]

The public defender is absolutely right. If you don't want other people surfing on your connection, it takes seriously five seconds to click a checkbox and enter a password on your router. If you leave your router open to all connections, that should legally mean that you desire to share your connection with others, since that is what will inevitably occur with such a setup. Leaving your router open like this is akin to bringing a box of donuts to work and leaving it open on the lunchroom tables.

"Purposely" is the key

[floorpirate]

It's only a crime if they can prove you used the neighbor's wireless intentionally. My laptop loves to connect to random wireless connections instead of my own - hell, it tries to connect to wireless connections that aren't even there (such as the wireless at my workplace) instead of connecting to my home wireless first. How do you prove it wasn't intentional? How do they prove it was?

Whoever tagged this humor...

[tmosley]

I don't think it's that funny. This is another example of an Orwellian society attempting to make everyone a criminal. I mean come on, THREE YEARS for doing something fairly innocent?

This is outrageous.

Xohm?

[vigmeister]

Not that I agree with the bill, but given that Sprint's WiMax is hitting Baltimore and DC, maybe Sprint has a vested interest in this bill being passed?

http://www.xohm.com/ [xohm.com]

Cheers!

Re:Stupid rednecks!

[bobs666]

I am betting its your friendly Phone Co. Monopoly Lobbing the House of Delegates, trying to make people pay them more cash.

Re:abra-ca-de-ridiculous!

[PC and Sony Fanboy]

I'm not american. Where I live, it IS a free country.

Proportional punishment to the crime

[jandrese]

Stealing someone's internet bandwidth (their porn came down slower than usual!) is now worth up to three years in the slammer? I always thought wardriving was a silly little crime like jaywalking, not something on the order of grand theft auto. Why is the punishment so steep in that bill?

Anyone but government officials and their lackeys

[Mr Pippin]

Yet, warrantless searches of my laptop is still perfectly reasonable, right?

And it is also okay if a private company did something like this if government directed, too, right?

Re:come here, sweetheart

[Richard_at_work]

You say "no", but your window says "yes" - please, do mankind a favour and shut your curtains next time you undress!

Criminalizing benefits big Telco's

[Anonymous Coward]

Telecommunications companies are asking for this bill because by criminalizing squatting, ppl are more likely to pay $$$ for their own connection.

This benefits the very people who are demanding retroactive immunity for illegal domestic spying.

I'm glad someone gets it

[Duncan Blackthorne]

At least the public defender's office mentioned understands something of the nature of the thing. Unsecured WiFI APs are the "VCR flashing 12:00" for the 21st century, and the other half of the equation is how any WiFi interface will by default connect to the first AP it can do so with regardless of who ows it. Also how are they planning on differentiating between businesses and individuals that purposefully leave their APs open for customers or neighbors to use at will, are they planning to make them criminals as well? Stupid.

Re:abra-ca-de-ridiculous!

[gnick]

Yeah, and I suppose that sitting in someone else's light, or perhaps walking on their lawn should be criminalized too?

Not really the same thing. This is more like, "I suppose that plugging my A/C into my neighbor's outdoor electrical outlet should be criminalized too? After all, he didn't put a lock-box over it."

I pay for and use my bandwidth. If you start stealing it, you would certainly inconvenience me.

Re:Stupid rednecks!

[BlowHole666]

what this law is is an attempt to criminalize a culture of sharing.

No the problem is some people do not want to add to the pot. Some people do not want to also purchase a WAP. They think everything should be free. So if 5 people in a given area all have their own WAP the 6th guy thinks he does not have to pitch in. That is what this is making illegal, or rather it is because of that sharing is now illegal.

Re:Yeesh

[gnick]

That's a really sticky point. But, that's the difference between "intentional unauthorized access" and "unintentional unauthorized access". So, the law does address that. The trick is, how do you determine intent?

Re:what about my network?

[BlowHole666]

So what your saying is if the child molester outside looks at the kiddie porn in his car and he gets traced. Your fucked. All you have is a mac address, all the District attorney will say is you threw the computer out. There are things worse then p2p.

Re:come here, sweetheart

[Brian Gordon]

How is this criminal? This is like a perfect example of a civil offense.

Re:I don't like that word "purposely" in there...

[AvitarX]

Easy,

If you ask for permission (DHCP Request) and the equipment says (to paraphrase) "absolutley, come on 0:0c:fa:a8:gc:bb hear is where I keep the gateway to the internet, I will make sure to send you data that comes for you, and direct any data you send to the correct place.", than absolutely the have permission.

If you have to monkey around setting up static addressing, or finding keys or what not, than it enters a gray area.

Re:Yeesh

[wizardforce]

Where do you draw the line between the innocent bystander and the criminal?

you can't look into people's heads so legally, I don't think there is a way to tell the difference. but really at what point are people obligated to actually learn about basic computing skills and stop being shielded because of their willful ignorance? it seems to be a common defense- but but I don't know that! could you imagine how that would work anywhere else? driving? work? taxes?

Re:Stupid rednecks!

[h3llfish]

>> Yeah, its a big conspiracy d00d!

Are you sure that it isn't? Ask yourself, why did the Maryland government feel a need to address this issue at all? Because they had been flooded by emails from constituents who were furious over their stolen bandwidth? Or because telcos/cablecos/ISPs realized how easy wireless makes it to share a connection with your neighbor? I can't say for sure either way, but I know which of the two groups has more pull with most politicians.

Re:come here, sweetheart

[rucs_hack]

How is this criminal? This is like a perfect example of a civil offense.

Seems to me the guy doesn't make many good decisions. From his Wikipedia page:

# voted against the Clean Indoor Air Act of 2007 (HB359)
# voted against in-state tuition for illegal immigrants in 2007 (HB6)
# voted against the Healthy Air Act in 2006 (SB154)

If the guy doesn't want you to breath clean air, or teach illegal immigrants (after all, being literate obviously wouldn't help them at all..), then this seems pretty much par for the course.

Re:Yeesh

[compro01]

and how do you define "unauthorized access" even? network is open and allows you connect, so does that qualify as "authorized access" or not?

Re:come here, sweetheart

[el_gordo101]

# voted against in-state tuition for illegal immigrants in 2007 (HB6)

If the guy doesn't want you to breath clean air, or teach illegal immigrants (after all, being literate obviously wouldn't help them at all..), then this seems pretty much par for the course.

The in-state tuition bill is not about keeping illegal immigrants out of school, it is about charging illegal immigrants the same tuition at State colleges that legal residents would pay.

Re:Unsecured networks get connected to by default

[dgatwood]

You mean like DHCP?

Look, it's really simple. If you don't want other people using your wireless network, don't disable the encryption. Notice I said "don't disable". Most access points these days are shipping with encryption on by default, so the trend is moving towards the point where we'll be able to automatically assume that every unencrypted point was intentionally set that way. In ten years, the proposed law will be completely unnecessary and will just be a broken relic of days gone by.

Laws like this annoy the heck out of me, as they are caused by technological neanderthals trying to come up with ways to appear that they are doing something useful, all while creating a body of unnecessary laws that bog down the legal system. In any case, I can say right now that I won't be traveling to Maryland if this happens. Life's too short to put up with getting arrested for sitting in your car outside a hotel checking your email for a couple of minutes. The law is a blatant abuse of power, and ultimately, the FCC needs to put a stop to this by creating policy that trumps it. Unencrypted Wi-Fi should be considered free for public use, period, at least until the owner explicitly asks you to stop.

The story from MI is far scarier

[pedrop357]

FTA:
A Fox News story says the man parked his truck in front of the shop during lunch breaks and checked his e-mail on his laptop computer.

When a nearby business owner got suspicious, police talked to the man and ruled out that he was spying or stalking someone. However, a prosecutor filed the charge of stealing the wireless connection, the story says.

The charge was a felony punishable by up to five years in jail and a fine of up to $10,000.

His other choice was a jail diversion program, which involved paying a $400 fine, doing 40 hours of community service and being on probation for six months.

Combining idiotic laws with the proliferation of access points, how can I prove that I'm using the (paid for) T-mobile access point at the Starbucks and not the business next door? The guy in the article may have admitted using the coffee shops inet access, but that doesn't show that there's not a bigger problem with laws like this.

Before my laptop self destructed (heat issue), I had a Verizon phone card that I used all the time. In fact a few times when on-call, I would pull in to the nearest parking lot and do what I needed to do.
If I had chosen to park in the parking lot near a coffee shop like this and the owner called the cops, how can I prove that I was using my own internet connection and not hijacking his? The few people who saw my Verizon card assumed it was a wifi card and had to be explained in depth how this wasn't wifi and would generally operate anywhere you could get a cell phone signal. I can only imagine explaining this to a cop.

Re:I don't like that word "purposely" in there...

[snarkh]

Why cannot I use services, which you make freely available to me?
If I use my computer in a coffee shop, every time I turn it on, I should make sure
I don't accidentally connect to your wireless router?

how to enforce this?

[amigabill]

If people aren't smart enough to protect their wireless routers, how are they going to know anyone used them at all, let alone know how to track down who did it for prosecution?

Re:what about my network?

[Anonymous Coward]

Why does stuff like this get modded up? If someone downloads illegal material over your link, so what? The parent has already said that they block most p2p programs so the chance of this happening is pretty low. Besides, unless I'm wrong (IANAL) posession of said material is what is against the law. Does AT&T get charged with a crime when someone downloads illegal material over their network?

The Locked Door Test

[dpilot]

We need an equivalent of the locked door test for this. IIRC, criminal responsibility for intrusion changes based on whether or not the door is closed, and whether or not it is locked.

In other words, if the door is open, it's reasonable to expect that perhaps the general public was invited in.
If the door is closed, but not locked, it's still possible that the general public is invited in, they're just trying to keep the heat in or the flies out.
If the door is closed and locked, clearly the general public is not invited in.

As for the "default router settings are open" argument, that's kind of like saying "newly installed doors are unlocked." As for the "flashing 12:00:00" argument, if you aren't competent to lock your front door, there's a problem. Manufacturers of wireless equipment need to do a better job of explaining this. They need a BIG RED PAGE when you open the box, explaining how to do the basic security, and how if you don't, you could have legal problems because you're responsible for ALL access through that wireless connection. As far as I can see, the directions are very little past, "insert the Windows driver disk."

By the way, so the instructions tell you as a minimum key to use your name, address, and phone number, and the street address for the SSID. Ain't much of a lock, is it? But it's is still most definitely a lock, and it takes deliberate action to open. No default-configured computer from anywhere will automatically crack even a trivial key and automatically make a connection.

Everyone with an iPhone would be a criminal

[techmuse]

iPhones automagically associate with open wifi access points. This would make everyone with an iPhone a criminal. How do you know which access points are intended for open use and which are not? Around here, many restaurants specifically offer free wifi to attract customers!

Re:come here, sweetheart

[drooling-dog]

You say "no," but your router says "yes."

You were modded "funny", but that's quite literally what is taking place. Nobody's "stealing" anything; your router is being asked for permission, and it's not only granting it, it's assisting by providing an IP address for you to use and telling you where you might find a good DNS server or two.

Now the owner of that router might say, "But I didn't know it was doing that on my behalf!" I suppose it's a little like coming home to find that your kid has been inviting people into your house who you'd rather not have there. But that's an issue to be settled between you and your errant kid, isn't it? Law enforcement generally isn't interested.

Since there is no groundswell of outrage from people who are providing bandwidth to their neighbors - unwittingly or not - you have to assume that the "victims" here are the ISPs: Comcast, Time-Warner and the like. That guy who checks his email or the weather using "free" wireless is, in their eyes, $50 a month in lost revenue. Not that they could possibly influence legislators in a state like Maryland, of course...

My wireless is free to anyone... is that illegal?

[urbanriot]

I live downtown with a high capacity internet connection that I typically don't use to its full extent, so I've QoS'd everything to allow excess bandwidth I'm not using to be available to anyone who wants to connect to my wide open wireless internet. Many people use this, and I've also had some students and neighbors thank me for it... I've also heard of others doing the same and I've been to many coffee shops and other such places where they freely offer wireless internet.

That being said, how will the end users know which networks are free to use, and which are ignorant people who can't configure technology (that they should know how to configure if they're going to try to use it)?

This sounds more like large ISP's paying someone kickbacks to the people in charge to prevent people from using 'free' internet, than it does protecting the children.

Re:I don't like that word "purposely" in there...

[rudeboy1]

Sounds like you need to take 2 minutes and put on a WEP key. I for one believe in sharing my connection (with the proper safety precautions in place of course). The problem with this law is that it assumes that if you access an OPEN network, you are nreaking a law. A law that makes more sense is one that states if you actively seek to break into an ENCRYPTED network, you are commiting a crime. Which is, as I understand, the way the law is already written. I don't think the guy who wrote this bill really has much of a technical background. More likely he is trying to make a name for himself by introducing new technical legislation, which is all the rage right now. It's an unfortunate state of current events. Most technical legislation is introduced by people who are either acting on behalf of lobbyists, or news blurbs on CNN/Fox. There are only a handful of lawmakers that have demonstrated that they have even a remote clue what they are talking about. It bothers me that these people are left to decide the fate of things they have no real grasp of.
I try to write letters to my elected officials any time something like this comes up for a vote. I've even made some phone calls when it's either highly technical or highly important.

Re:come here, sweetheart

[haystor]

Why would you go about discounting prices for illegal immigrants before discounting for legal residents? Sorry, you're from out of state, you have have to pay more than the out of country guys -- except the ones that applied properly -- of course.

Re:abra-ca-de-ridiculous!

[vtscott]

Stop calling it stealing and we'll stop calling you a troll. If your router is open, it is giving me its consent to connect to the internet through it. Don't like that? Then secure your router. Do you want to live in a world where you must get consent from a human before doing anything? Then you better stop reading any website. Oh, sure they send you the data when you send their webserver an http request, but so? A computer can't render consent in your bizarre world. You should first contact the owner of any website you'd like to visit to ensure that they didn't just misconfigure their webserver, allowing access to anyone.

THEFT of Wireless

[scubamage]

To me theft of wireless means that you're sitting there, snorting traffic and running a decryption utility to process packets and ascertain a WEP or WPA key. Not really hard to do, but still akin to breaking and entering since the owners have obviously chosen to close off the network. I don't see a problem with breaking into such a thing a crime.

BUT if someone gets pressed for using an open wireless access point the owners are going to have to prove malicious intent especially since windows doesn't mind hopping from access point to access point.

Re:come here, sweetheart

[plague3106]

No, it's not granting permission, it's just doing what it's been set at the factory to do. Unless you get explicit permission from the network owner, you should assume you need to stay off the network.

Legally speaking, your kid is not allowed to invite anyone into your home. After all, your child doesn't own your house, does he?

Just because there is no outrage doesn't mean there aren't people that would be upset if they knew someone was using their network. If I leave my house unlocked, and people are entering it without my knowledge, I would be pretty upset to find out that someone did in fact enter my house. Especially if it was through a back door I didn't even know existed.

Why don't we do this as a society? Don't use anything which belongs to someone else without their permission? Sure would make the world a bit nicer.

Re:come here, sweetheart

[plague3106]

They would have the same level of wages, except they are here ILLEGALLY. Is it really so much to ask that you come into our country legally through the set of proceedures we have in place?

Re:I don't like that word "purposely" in there...

[TheGavster]

If you have a sign on the side of your house proclaiming "Bathroom within!" and placards giving directions to where in your house I might piss, then most certainly I would expect that this behavior is allowed. If you don't want people on your access point, either secure it (ie lock the door), or don't broadcast an SSID (ie don't put a giant sign out offering a service).

Re:I don't like that word "purposely" in there...

[plague3106]

If you CHOOSE to plead guilty, for whatever reason, that's your own problem. When charged with anything ALWAYS FIGHT.

Re:I don't like that word "purposely" in there...

[rudeboy1]

The problem here is that there is an ambiguity of intent. SOME people (and it doesn't even have to be a large number) keep their wireless connection open on purpose. To assume that it is automatically an unwelcome act to enter an unsecured network is flawed logic. As is to assume that either AP owners or laptop users are all ignorant or devious.
    While not the easiest solution to implement, the most logical solution would be to simply require AP manufacturers to default routers to a closed network. Either using a default WEP/WPA/Etc. key, or with a mandatory setup upon installation (a la the runonce screen you get in IE the first time you open it). This takes the ambiguity out of the equation and allows all users who do not want their networks open to lock them down, even in the face of computer illiteracy. Then, if a network is open, it is set that way by choice, and conversely, if a user logs on to a closed network without authorization, there is a clear intent to trespass.

Re:come here, sweetheart

[fishbowl]

How does a reasonable person differentiate between non-infringing use of an open network service,
and infringing use of an open network service?

Re:come here, sweetheart

[Anonymous Coward]

This is like putting an "Open" sign on the front of your business, and then calling the police when people come in.

If anybody should be punished, it's the people making software and hardware that's automatically wide open.

Re:come here, sweetheart

[Wingnut64]

The router is not sentient. It has no ability to judge, and despite the fact that it may invite some people in does not mean it is entitled to do so or that they are entitled to enter.

People are responsible for the consequences of machinery they operate. If you operate a router that is configured to provide access to anyone who asks, you have already given your consent to the requester. It doesn't matter if you are ignorant of this, could you imagine successfully arguing that you should not be held liable for damage you did with a bulldozer because you never bothered to read it's manual and just assumed it would work?

Re:come here, sweetheart

[bendodge]

So this assumes they have the same level of wages? Because as far as I can tell, this is not usually the case.

I don't care what level of wages they have. The government can't save you. We need a public education campaign. It doesn't matter how sincere and compassionate a politician sounds, she has to get the money from somewhere. And that somewhere will either be your pocket or a printing press.

What happened to American independence? A few generations ago, people would rather live on beans and potatoes than accept money from the government. John Maynard Keynes and FDR have ruined the federal government. It happened to Rome, and it will happen to us. When people believe there is such thing as a free government lunch, we are ruined.

Re:come here, sweetheart

[Sancho]

I was clarifying why it's criminal rather than civil, not commenting on whether it should be legal in the first place.

Re:come here, sweetheart

[Crazy Man on Fire]

The government can't save you. We need a public education campaign.

Um. Ok. So, the government can't save you, but the government's public education campaign can?

Accidental?

[just_forget_it]

In my apartment, I pick up 11 wireless networks (even though there are only 8 apartments surrounding me), two of which apparently were set up by numbskulls (i.e. not set up at all. They just plugged the router in and left their network name at the default "linksys") and were left unsecured. My Windows Vista laptop will automatically connect to one of those networks if my router happens to puke and lose connection. If I'm away from the computer when this happens, I don't even know what went on while I was away, and I could surf for hours using someone else's connection. If "hijacking" someone else's wireless is made a crime, buying a Windows Vista machine will be like buying a car that automatically robs bank vaults while you're away at work.

This bill turns people into unwitting criminals because some people are idiotic enough not to protect their router, and Vista will automatically connect to these routers without asking. So, if it gets passed, the one question here is: if Vista forces me to break the law by automatically "hijacking" an unsecured wireless network, can Steve Ballmer be charged as an accessory to the crime?

Re:come here, sweetheart

[tattood]

It should only be a criminal offense if you "hack" into the wireless network. And by hack, I mean circumvent the owner's attempt to secure their wireless network. If you enable WEP/WPA on your wireless network, and someone cracks the keys and uses your wireless, that should be a criminal offense. If you buy a wireless router and don't put on the encryption, then it's your fault.

I partially agree with your statement, that it should be the responsibility of the wireless AP manufacturers to enable some security by default, even if it is only WEP. You should make the user have to disable WEP, if they want an open network.

The manufacturer's argument to that, would be that the common user probably does not know how to use WEP. This would therefore cause an increase in support calls when their new wireless router does not work. The manufacturer should have to deal with that, or make it extremely simple and obvious to the user how to use the security features.

Re:come here, sweetheart

[drooling-dog]

Somebody comes into your home and their defense is "Your dog invited me in!"

Well, if my dog could do that, I suppose I might worry!

The router is not sentient. It has no ability to judge, and despite the fact that it may invite some people in does not mean it is entitled to do so or that they are entitled to enter.

It's the job of the router to grant or deny permission to connect to the network. That's precisely what it's designed to do, and an entire protocol exists just for that purpose. When my laptop asks for permission to connect to your network and your router says, "Sure! Let me help you with that," how am I supposed to know (or even ask) your true feelings about it? Your router is your authorized agent in that case. It's not a difficult thing to choose a password and turn encryption on.

Suppose you encounter a vending machine selling snacks for 10 cents. That's a bargain, but the sign on the machine says "Only 10 cents!" and when you insert your dime, out pops a package of twinkies. A little while later the SWAT squad shows up in full armor, because the owner of the vending machine actually intended the price to be $1, but because he's not a technophile he didn't know how to change the price on the old machines he bought and maybe didn't even realize that he had to. You have twinkie cream all over your chin, so you're busted. How much prison time are you OK with?

You'll get off, though, because the vending maching - "sentient" or not - was acting as the authorized agent of its owner, and he is liable for the cost of failing to operate it properly. If there's a difference between a case like this and the unencrypted router, it's that the vending machine guy is actually out tangible goods, but in most cases the owner of the router suffers no real loss.

Stupid question time

[Moryath]

I live here legally. I pay taxes, pay for my health insurance, pay the hospital to deliver my kids, raise my kids. My kids go to the college one state over. I get raped for $$$$$$$$$$$$$$$$$$$$$ tuition.

Asswad from Mexshitco comes up. Has a bunch of kids (free on the public dime by giving a false name or just not paying the hospital). Enrolls their kids in every free-public-money scam thanks to the Democraps, uses up MY tax money. Has his kids sitting around shitting up the school system to the point where all the non-spanish-speaking teachers are run off and my kids have to wait for the brainless shitheads to catch up before anything else can be taught, or else I wind up spending MORE of my money to send my kids to a decent school because his kids have fucked over the school but good.

Now we hit college time. His kids are supposed to get all sorts of "minority scholarships" for "underpriviledged minorities", and they're talking about giving his kids in-state tuition????

WTF IS GOING ON HERE.

No, seriously. Enough is enough. I've run the numbers and no longer want the mooching illegals around ruining the schools, ruining the health care and emergency rooms, running up the costs in insurance (I have to pay an extra %1000/year for uninsured/underinsured coverage thanks to all the mexshitcans around here), and all the rest of the trouble they cause. Enough is enough.

Re:come here, sweetheart

[Atlantis-Rising]

A child can talk, and a child can invite somebody in. That doesn't stop it from being trespassing.

The reason I shied away from using children as an example is that they often maintain a different relationship in law with regard to trespassing than do adults.

(I am also unable to find any case-law dealing with invitations issued by individuals who have no authority to do so, and in any case, this case is not really comparable to trespassing for a variety of reasons.)

However, the issue basically, in my mind, breaks down to this: Your computer/router/child has no authority, on its own, to issue or deny an invitation for entry or use of your systems, space, etc, etc.

The question then becomes, do you have a duty to take action to prevent people, or warn them off, from using or entering your systems/space, etc.

I do not believe there is; property is generally accepted as being inviolate, with a handful of exceptions, unless a reasonably explicit invitation is issued to the contrary by a legitimate issuing authority.

Re:come here, sweetheart

[grahamd0]

It's not trespassing.

What if I want people to be able access my network? Should I give them double secret permission?

As the ISPs are the only ones (potentially) harmed by a random person checking their email or surfing the web on an open wireless network, and this bill is clearly designed to protect them from perceived loss of revenue, perhaps the bill should create civil or criminal penalties for violating an ISP's terms of service. This would place the burden on people running open networks, which is, IMHO, still ridiculous and stupid, but it would more accurately address the "problem".

Re:come here, sweetheart

[Atlantis-Rising]

It's the job of the router to grant or deny permission to connect to the network. That's precisely what it's designed to do, and an entire protocol exists just for that purpose. When my laptop asks for permission to connect to your network and your router says, "Sure! Let me help you with that," how am I supposed to know (or even ask) your true feelings about it? Your router is your authorized agent in that case. It's not a difficult thing to choose a password and turn encryption on.

Your router's job is such in a technical sense, not a legal one.

Suppose you encounter a vending machine selling snacks for 10 cents. That's a bargain, but the sign on the machine says "Only 10 cents!" and when you insert your dime, out pops a package of twinkies. A little while later the SWAT squad shows up in full armor, because the owner of the vending machine actually intended the price to be $1, but because he's not a technophile he didn't know how to change the price on the old machines he bought and maybe didn't even realize that he had to. You have twinkie cream all over your chin, so you're busted. How much prison time are you OK with?

Laws and court decisions already exist to deal with this, and it's not the same thing, although some of it breaks down to commercial and contract law which is not really relevant to wireless routers.

However a lot of it breaks down to intent, due diligence, and negligence, as well as public perception on the parts of both the (shall we say) vendor and purchaser.

I would argue that there is a great deal more due diligence that applies to the owner of a vending machine. Why?

There are a variety of reasons.

Firstly, a vending machine is in plain sight. if the vending machine owner knew it was selling things for 10 cents when that was not his intent, he had an obligation to alter that state of affairs, and knowing it should be set that way is his responsibility as it is in plain sight. (To head off the argument: if it was installed by a representative of his, his beef and legal debate is with the representative, not the purchaser, and he has a valid argument there).

Secondly, such plain sight does not apply to routers, which generally are headless and incomprehensible to their owners; a reasonable person would not assume that the router's operator had specifically set the router the way it was currently set.

Would a reasonable person conclude that the owner or operator of the router configured it to allow entry? Merely claiming that it was technologically doing so is not relevant, as that is the default state.

open routers authorize

[Russ Nelson]

If somebody has enabled their router to be open to all connections, THAT IS ALL THE AUTHORIZATION NEEDED. If my handheld sends a request for association with their router, and their router accepts my request, THAT IS ALL THE AUTHORIZATION NEEDED. If somebody leaves the door of their store open, I should expect to be able to enter the store. If they lock the door, then, that lets me know that I shouldn't enter.

Re:come here, sweetheart

[eclectus]

A better analogy is 'can someone walk through your yard?'. If someone connects to an open WAP and surfs, they are more akin to walking on my grass to get to the street behind me than walking through my house without permission. Putting up a fence and no trespassing sign is just like securing your wireless network.

Re:come here, sweetheart

[EdelFactor19]

I dont care how its done; the government has no place in telling us what to do with the internet access we pay for and on routers we pay for. If you don't want someone using your router thats your problem.. If they crack your encryption; obviously that falls into many already existing anti hacking laws (or make that the law)

adding any CRIMINAL or CIVIL law for someone connecting to your UNENCRYPTED access point only encourages stupidity, lack of reponsibility and negligence. If you left a hose running plugged into your house that extended to the driveway, and i was running by and was thirsty, I'd pick it up turn on the spiggot and drink some... if you dont want me to then do one of three things: turn the damn thing off at the end of your house; put the hose away; or waste money on some crazy lock on it lol. Suggesting that the government take on the problem is an exercise in futility; it will only waste our time and money and rights.

Furthermore suggesting that the "makers of the devices" do anything differently has a similar net result. It is not their problem; it is yours. Do with it what you want. If you are too unintelligent to push the "EZ Security" (re crappy unadjustable settings" button on a linksys; or follow the extremely basic guide in the instructions, and are also too unintelligent to either ask a friend for help, call tech support, or find help elsewhere then you have to deal with the consequences. There are a lot of reasons you probably dont want wep or name your security method enabled by default; namely setting the damn thing up. What do you do when your device is having a problem or you forget the password?

There are other interesting a better ways to go about the problem. MAC address filtering can work well, as can limiting the number of leases allowed.

The bottom line is that this is an area that the government has absolutely no business talking about, getting involved with, or passing laws regarding. Especially the federal government. They've got plenty of important things to waste their time on that ACTUALLY matter and should be decided by them. Lastly, how is being fined or sent to jail even remotely not get categorized as excessive punishment worse than the crime? If you pay anything at most it should be some factor of the cost of the fee for internet service paid by the place you stole it from.

Re:come here, sweetheart

[LunaticTippy]

I bought a router, plugged it in, and it starts broadcasting as Linksys. I go to my computer and there are 3 unsecured Linksys APs visible. How do I know which one is mine? If I pick the wrong one do I really need to go to jail?

I go visit my next door neighbor and he says "Yeah, I have an unsecured Linksys router. Go ahead and use it, that's what it's there for!" How do I tell which one of those 3 I have permission for? Again, if I pick the wrong one do I really need to go to jail?

Let's simplify. There is only one Linksys AP. I have permission from the owner. A 2nd person sets up an AP the same way - my computer will automatically connect, and will look the same to me. I will have absolutely no idea I'm using one I don't have permission to use. Do I now go to jail? For something someone else did?

Re:come here, sweetheart

[apoc.famine]

Thank you. No, really. The more people who hear this and who actually understand it the better.

I will never, EVER understand how the following counts as "stealing wireless access":

1) I broadcast my SSID. (Here's a wireless connection world! LOOK OVER HERE FOR IT!!!)
2) User asks, "Can I connect?" (IP address requested.)
3) I say, "Sure you can connect." (IP address loaned.)
4) YOU STEAL MY WIRELESS!!!!!!!

Ok, I guess I should do it as a car analogy:

1) I put out a sign, "I will let you borrow my car."
2) You ask, "Can I borrow your car?"
3) I say, "Yes, and here are the keys."
4) YOU STOLE MY CAR!!!!!

There is no difference. If you think there is a difference, you are either stupid or ignorant, or trying to apologize for someone else who is either stupid or ignorant.

If someone hacked into my wireless and used it, that's a crime. If someone stole my car, that's a crime. If someone asked to borrow my wireless and I let them, or my car and I let them, that's not a crime. If I'm either so socially ignorant or technically ignorant that I don't understand what I'm doing, then I need to suck it up when people do what I am INVITING them to do. And the rest of society should backhand me for complaining about it.

Re:come here, sweetheart

[NeutronCowboy]

Again, wrong analogy. A house is designed to prevent access. As is a door. A router is designed to connect.

BTW, did you ask CmdrTaco if you're allowed to access his webserver? You didn't? How come you're posting? From a technological perspective, a web server responding to anonymous requests with data is the same as a router responding to anonymous requests with a connection. They are designed to operate that way.

Re:With the SSID

[NeutronCowboy]

See above for someone else's thought that the SSID is not a sign. Here's another problem with this approach. Let's say I want to connect a specific Access Point. If everyone has to name their open access point the same, then there is no way for me to tell which one is the access point I want to connect to. Maybe we can configure the router into some general state that uses the SSID for identification, but where it also broadcasts information that anyone connect to it who so wishes. Oh wait - that's exactly what's going on right now.

The open AP = permission is not a lie, it's the entire design and purpose of the device. There is no ambiguity.

Another question: if you assume that an open AP does not imply permission, what do you do when you want to connect to web servers? Gateways? Tor? P2P? You're basically destroying everything that makes the internet tick, which is that intelligence is on the edges.

Perhaps a better approach would be to force all routers to be delivered with a dead wireless connection, and where you have to connect to it via cable to set up its wireless configuration. I'm sure that wouldn't go over well with the router manufacturers.

Re:come here, sweetheart

[GooberToo]

Secondly, such plain sight does not apply to routers, which generally are headless and incomprehensible to their owners; a reasonable person would not assume that the router's operator had specifically set the router the way it was currently set.

Your logic seems odd given it is in plain sight. When the user goes to connect to his AP and he did not have to authenticate, this is very much a "plain sight" issue. Furthermore, some computers will simply use the nearest, open AP, which means it will automatically connect. If the owner did not have to authenticate then it is a very safe and reasonable assumption that no other user is require to authenticate either.

In the eyes of criminal law, ignorance is not a defense. And yet, that's basically where your whole argument falls. Furthermore, reasonable measures are often assumed. Is it reasonable someone who operates a gun knows how to handle it and assume the associated risk? Yes, therefore you assume the risk (and no if you are a toddler, mentally challenged). The same goes for RF equipment and this is widely upheld by the FCC. If you operate equipment which interferes, then YOU are responsible, regardless of what your education or level of experience dictates. This is no different. If you operate an AP, YOU are responsible for proper operation.

I'm sorry, but you may not like this position, but it is reasonable to assume given the same standards apply in both criminal law and federal regulation. Unless you can successfully argue somehow AP's don't use RF or that somehow it requires special legal exception, I can in no way, shape, or form, see your position as legitimate.

Re:Got it all wrong

[Moryath]

So, if these individuals are going to be in the state anyway

There's your first problem. They should NOT be in the state anyway. And as for evidence, do a quick search. There are umpteen studies on the matter and government officials (like the ones in Texas) have even been caught trying to doctor data.

Start here [fairus.org] and move forward.

Re:come here, sweetheart

[baboo_jackal]

It should only be a criminal offense if you "hack" into the wireless network. And by hack, I mean circumvent the owner's attempt to secure their wireless network.

Yeah, no doubt. Just yesterday, in fact, I unplugged my router for a sec to let it reboot and forgotten to plug it back in. I started my laptop (in the other room), started using the internet, and *boom!* there I was, "maliciously stealing" somebody else's wireless bandwidth because my computer automatically connected to their unsecured router!

OK, so I didn't read TFA. So I'm probably completely off base here. I mean, I get the idea behind the law - internet access is like any other consumable utility (gas, water, electric). But to contrast how different this is from that, when's the last time you turned on the shower and accidentally stolen water from your neighbor's water pipes?

Re:come here, sweetheart

[aix tom]

Simple. You ASK the owner of the wireless network.

Respect? When I choose to set my router in a way that allows net access to the people using the chairs and tables in the courtyard, I don't want them knocking on my door all the time asking me if they really are allowed to do that, especially at times when I'm already asleep or busy doing something else. That would be very disrespectfully.

The SSID IS the "sign" of the network. The only sign on a wireless network that has any chance of working can be a wireless signal on the network itself.

The only solution is to get the router configured properly. For consumer devices, maybe a BIG, RED Private/Public flip switch on the side of the box, that only allows non-secured access when it's on the "Public" setting.

Re:come here, sweetheart

[Darinbob]

No, it's like forgetting to lock the door. Burglars are still breaking the law if they enter though an unlocked door. An "open" sign is more like the users actively creating a hot-spot through positive action, not just forgetting to turn on security through ignorance. There is little difference here from recharging your power tools using the neighbor's external power outlets or washing your car with the neighbor's hose.

If you get free internet from a neighbor, it is you moral duty to share the cost with the neighbor. Of course, none of these pirates ever ask permission since they know the answer will be "no" most of the time.

Re:I don't like that word "purposely" in there...

[gnasher719]

So, who it going to determine whether the access was on purpose, or the more likely alternative, accidental?

That would be a judge. I could think of some reasonable criteria: For example, if you have bought a wireless router at your home, then it is quite reasonable to think that you intended to use your router, and if you happened to use your neighbours router then this was likely to be by accident.

On the other hand, if you are fifty miles away from home in your car with your laptop, and you connect to some wireless network without having anyone's permission, then we can assume that you intentionally accessed someone else's laptop without permission.

Re:Got it all wrong

[Anonymous Coward]

There are umpteen studies on the matter and government officials (like the ones in Texas) have even been caught trying to doctor data.

And fairus.org is the only objective source without an ax to grind, right?

Anyway, let's take their supposed cost of $725 per Texas household. The fact is that illegal aliens usually can't and don't (propaganda to the contrary) sponge off of welfare, because they don't have SS numbers. (Maybe their children do, if born in the US, but then they aren't illegal aliens anymore but citizens like you and me.) So, they have to work, and most of them work for peanuts at hard, dirty, disgusting, mind-numbing jobs no one else wants. And they only get paid for what they actually produce, since no one will keep them around when things are slow. The result is that you indirectly benefit by having to pay less for things, compared to what you might have to pay if all these things were done, say, by union labor. I know that's hard to measure, since it's an underground economy, but let's pick a "practical" example you can relate to directly: an illegal immigrant housekeeper might cost you half or even a fourth of what you'd pay otherwise. That alone can save you far more than $750 per year.

Finally, note that almost all of this $750 goes to pay for K-12 schooling for their kids - far more than health or welfare or incarceration. (And it's no more than goes to pay for your kids in public school, or the kids of legal citizens on the dole for that matter.) But I guess your kids are better than they are, not that they had a choice in the matter, being kids. I suppose you'd prefer their kids stay illiterate, so they can continue to provide cheap labor? Oh, the kids probably are U.S. citizens, since they were born here, so they will be able get onto the welfare rolls, which is much more likely if they are illiterate and unskilled.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Stupid question time

[simonv]

I can't believe bigotry qualifies as +5 interesting. Let me play devils advocate.

My kids go to the college one state over. I get raped for $$$$$$$$$$$$$$$$$$$$$ tuition.

Now we hit college time. His kids are supposed to get all sorts of "minority scholarships" for "underpriviledged minorities", and they're talking about giving his kids in-state tuition????

You could have sent your kids to a state school. No one forced you to send your kids to another state. If that other state school system is so much better, you could perhaps move? There's scholastic scholarships, scholarships from companies, plenty of other places to get money for school; "Minority based" scholarships are only one type of funding. You or your children could take out loans for a college education (something an illegal resident cannot do.)

Asswad from Mexshitco comes up. Has a bunch of kids (free on the public dime by giving a false name or just not paying the hospital).

I pay my taxes, and pay for heath care as well. The only other option for these people is to give birth in places other than hospitals. You'd rather have a higher infant mortality rate? Why does being a legal resident have any bearing on why a person should have a better or worse chance to survive?

Has his kids sitting around shitting up the school system to the point where all the non-spanish-speaking teachers are run off and my kids have to wait for the brainless shitheads to catch up before anything else can be taught, or else I wind up spending MORE of my money to send my kids to a decent school because his kids have fucked over the school but good.

It's very unbecoming to generalize an entire population. Some of the smartest people in the world never spoke a lick of English. Did you know that the United States has no national language? I don't need to remind you that everyone in this country (save the Native Americans) are all immigrants. Getting an education and making it in this country is the "American Dream." Once again, why does it matter where a person comes from? The only alternative to a free education for everyone is to completely privatize, where everyone would have to pay tuition for all grades. You should feel honored and privileged to have the money to send your kids to a private school, not many people can.

No, seriously. Enough is enough. I've run the numbers and no longer want the mooching illegals around ruining the schools, ruining the health care and emergency rooms, running up the costs in insurance (I have to pay an extra %1000/year for uninsured/underinsured coverage thanks to all the mexshitcans around here), and all the rest of the trouble they cause. Enough is enough.

It's not simply illegal residents that get health care for free at hospitals, it's homeless, people who simply cannot afford health care, and children said people. I don't have the statistics, but there's plenty of Americans that are living paycheck to paycheck, a little bad luck and one could find themselves without a house. So the next time you think of how much money you're wasting on these people, just think you could be one of them.
So next time you're doing your taxes, be thankful that you can afford to pay for these necessities, and pay for those that may not be so fortunate.

Re:Stupid question time

[ElleyKitten]

You've obviously never been uninsured. The emergency rooms are only required to provide emergency care. Once you are stabilized (or sometimes if you're not [go.com]) they send you away. If you need prescriptions, further tests, or (ha!) physical therapy, you can forget about it. If you have severe asthma and you either need an inhaler or to go the emergency room every week, then you're going to the emergency room every week (they only have to provide emergency care, not preventative) until you either get the money for that inhaler or you have an asthma attack too far away from a hospital and die. If you have a degenerative spine disease, you can go to the emergency room for some lame painkillers and they'll tell you what kinds of tests and therapies they'd give you to keep you out of a wheelchair, if you had any money (this actually happened to a friend of mine). God only knows what would happen if you developed cancer or a terminal illness while uninsured. No other developed country lets its citizens go without health care.