|
|
Lincolnshire boy arrested over WiFi theft
Author: Gareth HalfacreePublished: 31st October 2008
In the event of hackers stealing your gigahertz, contact the Lincolnshire Police for an immediate response.
According to an article over on The Register, an un-named sixteen year old in Lincolnshire has been arrested under the suspicion of illegitimately using his neighbour's unsecured WiFi connection to browse the web.
Originally arrested on the 5th of October under the Computer Misuse Act 1990, the youth was accused of “hacking” the wireless access point belonging to his neighbour and removing the encryption so he could surf unfettered. The individual was tracked down by the access point's DHCP server recording the host name of every computer to which it grants a lease – the boy's computer was configured by his father and had the host name set to his full name, making tracing the youth somewhat easier than it might otherwise have been.
The youth, on the other hand, tells a different story. With his own WiFi connection configured and working, he argues that he would have no reason to use his neighbour's connection over his own. He admits, however, that it is possible he accidentally clicked on his neighbour's connection by mistake – Windows having the feature of offering to automatically connect to any network it sees. For this to have happened, the access point must have been unencrypted – something the youth is accused of arranging for his own ends, but a setting which is the default of many commercial access points unless explicitly changed.
Although the youth was questioned between 2100 and 2345 that night, he was released on bail pending further enquiries. The boy's father has since received a a letter cancelling the bail and informing the family that no action would be taken – giving the father cause to complain over what he is referring to as the “unlawful arrest and detention” of his son.
What is most interesting about this case – even though it fell at the first hurdle and was dropped before charges were ever brought – is that the youth is not accused of using the connection for anything bad, but merely of using the connection at all. If the connection was, as he claims, unencrypted and configured with a generic SSID – especially a common name like LINKSYS which it may well share with his own connection – it's hard to see how he could be guilty of a crime at all.
Do you believe that WiFi 'piggybacking' should be a crime, or is it up to network owners to secure their own equipment if they don't want others using it? Share your thoughts over in the forums.
Related
Comments (42)
Compare over 250 mobile phones &
52,000 deals!
Compare over 100 broadband & mobile broadband deals online!
- Site Links:
- About
- Email Editor
- Newsletter
- Privacy
- RSS
- Score Guide
- Our Other Websites:
- Auto Express
- Channel Pro
- Computer Buyer
- Computer Shopper
- Den of Geek
All content © bit-tech.net 2000-2009
© Copyright Dennis Publishing Limited licensed by Felden
They should start using access points with hardware encryption that can not be disabled or something like that.
PS I did encrypt my Mom access point.
If you ask Windows to search for available networks then it will show all it can detect and if one pops up as available and unsecured can we all honestly say that we wouldn't be tempted to try it?
If the network was never secured I'd be more inclined to charge the owners of the router than the guy accessing it 'illegally'.
Not sure how easy this would be to achieve.
It would be simple to have a wizard that prompts you to set it up though, its not rocket science.
And anything less than WPA with a strong password (WEP, MAC filtering, hiding SSID etc) is useless for security anyway.
'Course, the WPA password is auto-generated at the factory based on the wireless MAC and is trivial for an attacker to calculate, but points for effort.
I've learnt my lesson.
In all seriousness though, if someone is allowed to enter your house legally as long as they don't break and enter, it should not be a crime to use someones WiFI, unless they needed to do some code cracking first....
Hell yea I'd eat it.
Heres one: http://money.cnn.com/2005/08/08/technology/personaltech/internet_piracy/index.htm
All routers I've seen/used come with a setup utility that the manual says to run, which, if you complete it, asks you to set a password for your router. Most people don't bother with it and just leave their router unencrypted.
Honestly, even if someone does something bad with your wifi.. if you left it unencrypted, then it's your own fault. It's like saying "Well, I left my front door open and someone came in to my house, that *******!"
wireless is like your car. u buy a car and they give u a key to drive it. u can lock the car and bring the key with u for security, or u can leave the key in the car at all times and park it in the worst neighbourhood in town. car dealer dont care. car owners SHOULD.
anybody with unsecured wireless are just asking for it. getting somebody piggybacking on ur unsecured network is the cost of picking up a technology without the effort of knowing how to utilize it properly. like buying a goddamn ferrari and dont bother to figure out which one is the alarm button.
if people can't deal with it, then they should stick with wired networking.
(or a mac? rofl i heard their wireless is easy to secure and easy to use)
so wait wait, let me get this straight what your saying is that if someone leaves there car unlocked its okay to steal it? because well I could swear that is still considered theft? and by that logic its okay to break into someones house because they didnt lock a door??? huh thats new to me, when did they amend those laws?
I can see wifi stealing being right up their with stealing the neighbors cable, because someone is paying for it and your using it with out their agreement, granted people using wifi need to be better educated in securing it but theft is still theft no matter what excuse you try to give it. Your taking something without paying or without consent and that is theft.
It's a flawed analogy. The neighbour failed to lock his chocolates in a secure box and he let you know he had some chocolates, but it would be unfair to say that he placed a plate of chocolates in your house.
Clearly the kid shouldn't be prosecuted, but there is no compulsion for the neighbour to secure his router. It is sensible to do so (and even not broadcast the SSID), but currently there is no law to say he has less rights if he doesn't enable WPA.
The car analogy is also wrong. Just because a car is unlocked, it doesn't mean you can enter it. IANAL, but I'm pretty sure it is still against the law.
My mum forget the WPA key for her router so when my brother took his laptop to her house, went down the network list until she got access to t'interweb. She failed to connect to he own network, she failed to connect to on neighbour's secured network, but she succeeded in connecting to another neighbours network. It was odd that when I told her what she had done, she didn't seem to bothered and didn't want to change anything... FFS!
I was about to say that.
I think they over-reacted in this case. And I think that it should be up to the neighbor who was having his connection used as to whether or not charges are pressed. I mean did he incur extra usage fees, etc? But think this situation should have reached this height. If the kid was using it to torrent 100's of albums and such, then sure. But this? Nah.
Yes, the owner needs to take responsibility and encrypt his wifi. But until that becomes an automated program that runs upon first connect/boot-- the odds of it happening for the majority of the masses out there is slim. We lock our cars cause we know how and its easy. An unlocked car shouldn't be stolen. An unecrypted Wifi point shouldn't be KNOWINGLY used CONTINUOUSLY so that you don't have to PAY A BILL. But as the article said: The kid had a working net-connect. So it sounds like an honest mistake and just a glaring reminder of how badly a standard encryption needs to be made mandatory in this day and age.
Hope this came out intelligent and logical.
(PS - How many of you encrypt your Bluetooth with passwords? Or is it all Zeroes for you too? Just a thought before you continue to ream this guy for not encrypting his router.)
Manuals? Who the heck reads those? I for one almost never read manuals... Hum... I wonder if that's why I had to spend an hour taking my staple gun apart because I loaded the staples incorrectly and jammed it. Well at least I did read the manual for installing the blade on the circular saw.
but most cheapo wireless cards and belkin cards (same cheap) alot of them come preconfged to connect to an open network auto (all have the option to turn it off and on but most are turnd on) from house to house its an gray spot realy as some of my customers was connected to the next doors netgear router as his buffalo one stoped working but he knows how to turn the pc on thats about it
The Computer Misuse Act 1990 made unauthorised access to computer systems a criminal offence, which now carries a maximum penalty of two years imprisonment. The Communications Act 2003 also specifically made unauthorised access to a wireless network a criminal offence. Unauthorised in this context means without the permission of the owner/administrator. The level of encryption, security and so on is irrelevant - if you do not have permission of the owner you're committing a criminal offence. Leaving a wireless network unsecured does not automatically construe an invite to use it. This isn't obscure either - if he uses computers at school he should have been made aware of the law through their Acceptable Use Policy.
As for the unlocked car analogies, be as it may, it is still a criminal offence to Take Without Owner's Consent and the thief will be punished exactly the same regardless of whether the car was locked or unlocked.
What I find more amusing, and slightly pathetic, is the Police reaction. They're clearly not clued up sufficiently to make even a bungled job of this.
For example, my university broadcasts the wifi SSID for the open access network. However, only students and staff actually have permission to use it. Anyone else attempting to is breaking the law.
Sky broadcast their signal across the entire country, but you still have to pay for subscription.
The mobile networks cover most peoples homes, but you are not allowed to listen in on everyones phone calls.
However, if you know of a technique that allows electomagnetic radiation to understand & respect ownership of land parcels, I'd be interested to hear it.
No.
Kiddy fiddlers and terrorists apparently use this technique - 'It wasn't me Guv; somebody else must have hacked in!'
Potentially. By law they can, but unless the intruder had malicious intent, you would hope that no further action would be taken.
I disagree with the whole car is open, your fault if it gets stolen because I think no-one here would not want that person prosecuted. They took your car! However I have no problem at all with someone using a few of my spare bytes, nor should the law. Go crazy and I'll block your mac!
As quite well a lot of people said above how is possible the offended person to resolve the computer name while he couldn't secure his own network. And how he found this in first place. Does he monitor the active connections on his router all the time?
And if he does, then something is fishy here don't you think?
He wanted for this thing to be done. Probably he changed the network name to the same as the neighbourgh one, having knowledge about the SSID (thats easy). Windows will connect to the same SSID without warning you about unsecure or secure connection if you have already agree to use that name.
Also at least here in UK all the mainstream providers who supply you with a router are already preconfigured with unique SSID and password. BT, Sky are some good examples. Only when you get your own router you have to do it. And 90% of the wifi routers have a tick box on the configuration to hide your SSID too. Like my cheap Dynamode.
Btw I live in Licolnshire (Gainsborough area), it could be more helpfull to know which local force did that. I have quite a few officers as neighbourghs :)
1) Secure my wifi
2) Talk to my neighbor
I'd also be concerned if the police started proactively pursuing this type of crime since it's pretty low down on everybody's priorities.
Theft of broadband services, wirless and telegraphy act, and computer misuse act.
I always setup encryption to the highest possible on my customers networks (equipment depending)
if people use this equipment they should read the manuals (even if on disk) this explains how to set it up, if they arent competant then they should pay someone to setup for them.
but just because a neighbour hasnt set up the encryption, doesnt mean you have a right to use it.
if i leave my door unlocked, does it give you the right to just walk in and take what you want without permission, no it doesn't
it has been known for peeps to intend to lockup but actually forget to do it, as they may have been distracted by something else