by Derek Kerton

Filed Under:
free-riding, security, wifi


Security Firm Sophos Calls WiFi Piggybacking 'Stealing'

from the mischaracterizations dept

It should come as no surprise that a security firm, in this case Sophos, is casting the act of using a neighbor's unsecured Wi-Fi access point as a crime. The bigger the threat, the more money there is for security solution vendors and consultants. In the latest research, Sophos found that 54% of wireless users surveyed had "stolen" access at one time or another. The report then frames these casual users as thieves by lumping them in with the epithet "cybercriminals". Techdirt's position has been steady: If a hosting Wi-Fi owner transmits a signal into your property or public area, and that signal proactively announces an SSID which functions like an invite, yet the host has left the network unlocked, then the host's DHCP server actively accommodates the guest and offers an IP address for them to use... then why would any casual user suppose the host's intention is not to share that Wi-Fi? Certainly the host's actions indicate an intent to share. There is no lock breached, there is no violation of private property. There is no trespass. But forget these technical arguments, let's look at the Sophos data: a 54% majority of Wi-Fi users have shared someone's Wi-Fi (and I'd say more have but weren't aware). Are the majority of people really cybercriminals? Also, if victims need to be told that they were "robbed" by Sophos research and a press release, and sensationalist news stories, just how victimized were they? Yes, there are real risks to offering an open AP, so we advise most people to lock down their Wi-Fi. That doesn't make criminals of cybervisitors.

Obviously, the situation can be very different if just a few parameters are changed:
  • If ANY kind of hack or bypass is needed to get through some form of security, then the innocence of the visitor is highly dubious. Even the easily hacked WEP is 100% functional as a signal that the host does not want "visitors".
  • Any kind of viewing, or messing around inside the host's LAN, PCs, and other equipment is illegal through existing laws. Doing so is no longer a victimless activity.
What do Techdirters do? We would advise turning on some form of security for most people out there. It's damned easy, so check your manual. But, calling people who use open WiFi criminals is just wrong.

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    dumbfounded, 16 Dec 2007 @ 10:37pm

    I don't think just the fact that you don't lock your wifi means it's an open invitation for anyone to use your bandwidth. If I don't lock my house it's not an invitation to come inside and take my stuff. If I don't lock my car it's not an invitation to take my car. Yes it IS an open invitation to use your bandwidth if you don't lock your wifi; if you don't lock it it is GIVING EXPRESS PERMISSION to anyone that connects to it to use it. It's not stealing if you are given permission to use it. If you are too lazy to read the manual and spend the few minutes to learn how to block people from connecting to you, too darn bad. If you choose to not be responsible for such a simple thing that is under your control, then you need to accept the consequences of your lack of responsibility and not blame others for it.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.