by Derek Kerton

Filed Under:
free-riding, security, wifi


Security Firm Sophos Calls WiFi Piggybacking 'Stealing'

from the mischaracterizations dept

It should come as no surprise that a security firm, in this case Sophos, is casting the act of using a neighbor's unsecured Wi-Fi access point as a crime. The bigger the threat, the more money there is for security solution vendors and consultants. In the latest research, Sophos found that 54% of wireless users surveyed had "stolen" access at one time or another. The report then frames these casual users as thieves by lumping them in with the epithet "cybercriminals". Techdirt's position has been steady: If a hosting Wi-Fi owner transmits a signal into your property or public area, and that signal proactively announces an SSID which functions like an invite, yet the host has left the network unlocked, then the host's DHCP server actively accommodates the guest and offers an IP address for them to use... then why would any casual user suppose the host's intention is not to share that Wi-Fi? Certainly the host's actions indicate an intent to share. There is no lock breached, there is no violation of private property. There is no trespass. But forget these technical arguments, let's look at the Sophos data: a 54% majority of Wi-Fi users have shared someone's Wi-Fi (and I'd say more have but weren't aware). Are the majority of people really cybercriminals? Also, if victims need to be told that they were "robbed" by Sophos research and a press release, and sensationalist news stories, just how victimized were they? Yes, there are real risks to offering an open AP, so we advise most people to lock down their Wi-Fi. That doesn't make criminals of cybervisitors.

Obviously, the situation can be very different if just a few parameters are changed:
  • If ANY kind of hack or bypass is needed to get through some form of security, then the innocence of the visitor is highly dubious. Even the easily hacked WEP is 100% functional as a signal that the host does not want "visitors".
  • Any kind of viewing, or messing around inside the host's LAN, PCs, and other equipment is illegal through existing laws. Doing so is no longer a victimless activity.
What do Techdirters do? We would advise turning on some form of security for most people out there. It's damned easy, so check your manual. But, calling people who use open WiFi criminals is just wrong.

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Sergio, 16 Dec 2007 @ 4:00pm


    It seems like you and your state are ignoring that the AP is acting on your behalf and granting people access.

    Here's an example. You invite a friend to stay with you long term. You put him in charge of your water hose. He stands out in the front yard with the hose. I walk by and yell "hey, can I have some water?" to which he replies "sure!", I have a drink and go home. There is no way in hell you could then come over and say that I stole your water.

    Now, if you told your friend that only you and your spouse could use the water, or if you specify to him that he can only give water to someone who knows the code word, that's a bit different.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.