Oh Look… Another Open WiFi Criminal Caught Through Detective Work

from the ain't-so-fool-proof-after-all dept

For many years, there have been all sorts of fear mongering stories about how today’s cyber-criminals can simply use any open WiFi network and never get caught. Of course, that’s ridiculous. Anyone committing a crime leaves all kinds of clues behind — and just because you can’t track them down via their IP connection, it doesn’t mean they can’t be tracked down. It’s like complaining that a bank robber who wears gloves can’t be caught because he doesn’t leave any fingerprints. Chances are that he left other clues behind. That’s why it should come as no surprise that an extortionist who was using open WiFi to cover his tracks was eventually caught through good, old-fashioned detective work, just like other cases we’ve covered where open WiFi criminals were later caught through old-fashioned detective work. So can we put to rest the myth that open WiFi means cyber criminals can never be caught?

Filed Under: , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Oh Look… Another Open WiFi Criminal Caught Through Detective Work”

Subscribe: RSS Leave a comment
Killer_Tofu (profile) says:

Re AC #1

Not really.
I found his analogy to be spot on.
In both cases it was about saying that a criminal can’t be caught because of one little detail of their crime.
Which, in both cases, is just wrong.
This article helps to prove that those assumptions are wrong.
So why was the analogy so far off in your opinion?
Perhaps since it is so extremely off, in your opinion, you might provide a better one?
Just a thought.

michael says:

disingenuous write-up

So some dumb kid uses open WiFi to extort money, but stupidly tells them to bring the money to a park where he’ll pick it up. How does this show that the WiFi network left clues (it didn’t according to the article)? The only thing old-fashioned here is stupid criminals get caught. They didn’t trace him through the network. They picked him up in the park.

Bob E. Bob says:

Re: disingenuous write-up

Have to agree. There are always publicized cases of idiotic criminals getting caught – If someone is mentally challenged enough, no amount of tech toys will aid him in committing a crime. OTOH, today’s smarter criminals are undeniably aided by new tech, from hacking tools(easily found on the net) for those who don’t even know the protection schemes they are cracking, to … open or poorly secured WiFi. To say that such technology *does not* aid criminals is much lie sag that wearing gloves doesn’t aid the bank robber. BTW, an average bank robber, on the average, manages to rob 8 banks before getting caught. i can’t point you to the source, but sounds about right. To make this even more interesting, the majority of bank robbers are a from being criminal masterminds – simply ‘cos robbing banks is a high-risk-low-return crime, and Federal, too…
My point? What is the point of t article? No one has ever disputed the fact that it is possible for a criminal to get caught, no matter what aids he uses. This fact does not begin to imply that the “aids” are not highly useful.

Mike (profile) says:

Re: Re: disingenuous write-up

My point? What is the point of t article? No one has ever disputed the fact that it is possible for a criminal to get caught, no matter what aids he uses. This fact does not begin to imply that the “aids” are not highly useful.

You are wrong. Lots of people have repeatedly stated that open WiFi would mean criminals would never get caught. I pointed to a few articles that have said exactly that. So you are simply proving my point by saying that, yes, there are ways to catch criminals that have nothing to do with the fact they use open WiFi networks, which disproves the myth that open WiFi network criminals will never get caught.

Mike (profile) says:

Re: disingenuous write-up

How does this show that the WiFi network left clues (it didn’t according to the article)?

I didn’t say that the WiFi network left clues. I said the criminal left clues.

The only thing old-fashioned here is stupid criminals get caught.

Which was my point. Criminals leave trails. They get caught.

They didn’t trace him through the network.

I never said they did. I said they caught him through traditional detective work, which was my point. You didn’t NEED to trace him through the network.

You are accusing me of having said something that I never said.

Mastro (profile) says:

Don't agree that Police tracked him down

I don’t agree that Police tracked him down with old fashioned detective work. They only caught him because he was dumb enough to try and ask for money at a park and go pick it up.

“But on December 3, police intercepted an email demanding a large sum of money be “dropped off” at a local park, and the man was arrested by undercover officers.”

Paul says:


Ya if a bank robber wearing gloves ever calls up the bank and sets up a meeting in the park for more money…

Fact of the matter is that if you are going to commit an online crime that stays online and don’t connect it to yourself in the physical world then you’re never going to get caught.

It is pretty similar to stealing someone else’s cell phone. If you rack up calls to phone sex operators then no one will ever find you. If you start making calls to your friends then clearly there is room for detective work.

Devil's Advocate says:

I think you’re taking the whole “never getting caught” thing far too literally. Sure, using an open access internet connection (open WiFi, public library, whatever) doesn’t make you untraceable. If that surprises anyone it’s, well, a bit pathetic. Espacially when the evidence being left behind isn’t even “digital”.

But it’s hard to make the point that open access doesn’t make crimes, especially cyber crimes, easier to commit without getting caught. Not all criminals who commit crimes from their home computers get caught. Those who were only traced thanks to their IP or other digital footprint might have been lucky enough to avoid being caught had they used an open connection.

But then again a lot more criminals would get caught if only the police was allowed to use cars. I’m sure there’d be less crime if you made guns, knives and baseball bats illegal (though I’m not sure how awful it would be if you got rid of the first). If you’re gonna blame open WiFi for facilitating crime, as some people obviously do, I’d be more than happy to point you in other directions – directions that hinder progress a lot less.

Paul McDonald says:

The Detective work

Ok so the way the guy was caught wasent even from leaving “digital clues” behind…. he asked for money to be delivered in a park and they picked him up there ….. has nothing to do with the fact he was pigybacking, if it was that easy to catch someone who was backing they would have caught him before he got to the park…..

JustMatt says:

A.C. posts

Mike, what about disabling the ability to post as A.C.? Make everyone put some kind of name in there, as it gets rather confusing trying to keep track of the various A.Cs and A.C. sock puppets. I do realize names won’t take care of the sock puppet problem, but just like saying ‘sock puppet’.

Not that I’m proposing registration, I know you aren’t in favor of that. I’m just saying your popularity makes it kinda hard to track argument threads nowadays.

Tack Furlo (user link) says:

Old fashioned? Why not use newfangled techniques?

I only read about half these comments but it appears strange to me that nobody asked the obvious: did the router log connections?

I mean, people talk about this stuff and say “even though he left no digital fingerprint” as if that’s possible. If a linksys router has wifi or even just DHCP client logging enabled (and by default they do) and the wifi owner or installer sets a router admin password (and they should) then the criminal’s MAC address – which is static (spoofable, yeah, but still static) is logged in that router until several more people connect. It seems to me that of police would do the digital equivelent of securing the crime scene (i.e. unplug the router) they could review these logs and then use any number of utilities to track down the MAC Address, including calling the wifi card manufacturer and subsequently the laptop vendor. Often major vendors like Dell and HP keep records of the wifi (and ethernet) MAC Addresses and the corresponding serial numbers, which can then be linked to a name and address. Sure, you’d need a subpoena to get that information from Dell or HP (or you could invoke the almighty civil-liberty-trampling power of the Patriot Act) but it seems to me that you can use the supposedly anonymous wifi against the criminals.

The original story analogized using a public wifi as similar to a bank robber using gloves, and while this is good, a far better one might be him using a mask with no gloves. Any public wifi you connect to most likely (i.e. 95%+) logs that connection. Your MAC address is all over it. Just like a fingerprint, a cop can’t look at it at the crime scene and instantly surmise your name (unlike looking at your face) but they can take that MAC Address and use it just like a digital fingerprint to track you down after running it through a few databases.

So the real question here isn’t why cops talk about public wifi as if it kills their case. The real question is why cops don’t look at public wifi as a much better piece of evidence. A fingerprint that no gloves can stop and that can’t be wiped off with a cloth or cleaned with Windex. Like the blood inside the knife handle – it’s evidence most criminals don’t realize they leave behind.

Tim says:

Why not use newfangled techniques?

Hey Mr Tech Furlo
Just to remind you that its not compulsory to leave your name and address with a retailer when buying a PC/laptop? Hence, the MAC address may not be tracable to an individual in that way. You do not want a situation where by the police spend a fortune of tax payers’ money on a wild goose chase.

It might work though

Biff (user link) says:

This article is stupid. Old-fashioned detective work??? The man was picked up in a park where he went to collect money that he demanded through a spoofed e-mail. There was no “cyber detective” work done to catch this man. More stupidity. A basic thing criminals seem to misunderstand is that there is no way to demand delivery of money to a location and receive it by way of any person picking it up without creating a trail or simply being arrested on sight (with exception to some more involved tricks). That’s why this only works with ransoms of some kind. When you are receiving the object of value you must yet have something of value to demand that law enforcement keep a distance. The guarantee of receipt can be in favor of only one party (one gives money and hopes that kidnapee is released for instance, and in this man’s case, he demands money and gives himself up attempting to collect), but not both.

What a dumb article.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...