It should come as no surprise that a security firm, in this case Sophos,
is casting the act of using a neighbor's unsecured Wi-Fi access point as
a crime. The bigger the threat, the more money there is for security
solution vendors and consultants. In the latest research, Sophos found
that 54% of wireless users surveyed had "stolen" access
at one time or another. The report then frames these casual users as thieves by
lumping them in with the epithet "cybercriminals". Techdirt's position
has been steady
: If a hosting Wi-Fi owner transmits a signal into your
property or public area, and that signal proactively announces an SSID
which functions like an invite, yet the host has left the network
unlocked, then the host's DHCP server actively accommodates the guest
and offers an IP address for them to use... then why would any casual
user suppose the host's intention is not to share that Wi-Fi? Certainly
the host's actions indicate an intent to share. There is no lock
breached, there is no violation of private property. There is no
trespass. But forget these technical arguments, let's look at the Sophos
data: a 54% majority of Wi-Fi users have shared someone's Wi-Fi (and I'd
say more have but weren't aware). Are the majority of people really
cybercriminals? Also, if victims need to be told that they were "robbed"
by Sophos research and a press release, and sensationalist news stories,
just how victimized were they? Yes, there are real risks to offering an
open AP, so we advise most people to lock down their Wi-Fi. That doesn't
make criminals of cybervisitors.
Obviously, the situation can be very different if just a few parameters
- If ANY kind of hack or bypass is needed to get through some form of
security, then the innocence of the visitor is highly dubious. Even the
easily hacked WEP is 100% functional as a signal that the host does not
- Any kind of viewing, or messing around inside the host's LAN, PCs, and
other equipment is illegal through existing laws. Doing so is no longer
a victimless activity.
What do Techdirters do? We would advise turning on some form of security
for most people out there. It's damned easy, so check your manual. But, calling people who use open WiFi criminals is just wrong.