We could argue that the accesspoint is sending out beacon frames, and
responding to probe requests, and
therefore is giving you permission to access it, by means of telling
you it's there, and sending you what you need to connect to it. DHCP
works the same way - it responds to a DHCP broadcast and gets an
address sent back. Whether this would hold up in court, I don't know.
Now, also, we must remember that the chances of being caught and
successfully prosecuted for doing this are very slim - change your
MAC address, people. How would they prove that the MAC address is
yours (you changed it, right) - it doesn't match any of your
hardware. And I suppose even if they knew you changed it, they
wouldn't be able to get enough evidence to get your computer seized
and checked. If you were found innocent of having done that, you
could probably sue them and claim damages from not having your
computer (and probably get away with claiming more than they did
against you for having to secure their WLAN). How would they prove it
was even you? WIth a directional antenna tracking you down, there's
still some kind of doubt as to whether they were doing it properly.
So far, two people have been charged for this. One person had to pay
a 300 pound fine, and lost his laptop. I'm not sure what happened to
the other. However, these people were very obviously caught - one was
tresspassing on private property to access the network iirc (use an
external antenna, people), and the other was sitting in his car
outside someone's house, and closed the laptop when the owner of the
network came and asked what he was doing. A third person using a
store's wireless network (holding a cantenna out the window,
especially one that you bought pre-built from cantenna.com really
makes you look suspicious (and stupid)). He pleaded guilty to a
misendemor. He was allegedly trying to hack the store's cash register
system.
One slightly less technically competent person I know was victimized
by this happening, and hired me to secure their accesspoint. The
person had downloaded a large amount and gave him about $75 of excess
usage charges (500MB plan). My guess was it was probably windows
"accidentally" connecting to another network, or someone doing it on
purpose as that transfer would have taken about 5 hours off their
512/128 ADSL. So I would say, if you are going to do this (and
legally, I don't reccommend you do, but what you do is your own
choice), don't do something selfish like that.
Now, using the network cracking features on a network (It could be
argued that using the cracking features aren't illegal because you
aren't actually doing anything to the network, only to the stored
data on your disk... but it might be preparing to commit an illegal
act?), would definitely be illegal if you actually joined the network.
Remember, connecting to an open network is like plugging your laptop
into their router (minus the trespassing etc..). Don't do anything
over wireless that you wouldn't do through wired.
Legal disclaimer: Anything you do/don't do after reading this is YOUR
responsibility. I do not advocate connecting to open networks myself,
but what you do is your choice, and NOT my responsibility. If you
choose to go and crack into someone's WEP network (and somehow get
busted) don't blame it on me, or any of the kismac team.
On 06/05/2006, at 3:24 PM, Barry Woods wrote:
Just to throw some laws in the mix... And a rough explanation.
The federal law, I.E. all 50 states. http://www.usdoj.gov/criminal/ cybercrime/1030_new.html
Rough translation,
So, let's say we just want to do some Internet surfing via a wide- open, unencrypted AP of unknown origin (probably a neighbor), from the luxury of the living room
-Is it intentional? YES.
-Is it a "computer" I'm accessing? According to USC 18 - YES. An AP is a computer by definition.
-Is it a protected computer? According to the definition in USC 18 - Not inherently. But in this case we'll be getting on the Internet, so YES.
-Is the access authorized? It's kind of subjective, but I don't believe so.
-Am I causing a loss of $5000 or more? Easily - See below.
"Loss" can include things like time spent responding to the incident, damage assessment, etc. So, "loss" can add up pretty quickly with these intangibles. However, it doesn't count unless the loss was incurred as a result of a crime.
So, to sum up - Chilling in your living room and surfing via your neighbors AP (as harmless as it seems) is a federal crime. Also, some states like Alaska now have laws that specifically prohibit doing this as well (Theft of Service).
On 5/1/06, Kharlyt < Kharlyt@xxxxxxxxxxxx> wrote: That's probably what it's about 'cause the network I think about isn't SSID hidden... thank you both for your explanations. Le 1 mai 06 à 11:59, themacuser a écrit :
> Also, the network may have a higher power base station than your
> airport card - you can hear it in passive mode, but your airport
> card isn't transmitting strongly enough for it to pick you up.
>
> On 01/05/2006, at 6:50 PM, Robin L Darroch wrote:
>
>> The networks you see in your Airport menu are those which are
>> broadcasting their network name (or "SSID"). However, for added
>> security (although only a bit of added security), some people turn
>> off SSID broadcast on networks. To connect to such a network, you
>> need to choose "Other..." from the Airport network, then type in
>> the SSID. KisMAC can often identify the SSID of networks which do
>> not broadcast them. However, getting the SSID is only one-third
>> of the battle.
>>
>> You also need to know the network key if the network is encrypted
>> (i.e. if it has "WEP", "WPA", "LEAP" or anything other than "NO"
>> in the Encryption column in KisMAC (unencrypted networks show up
>> as green dots on the map).
>>
>> Finally, the network administrator may have a list of network
>> adapter hardware addresses (or "MAC addresses") which are allowed
>> to connect to the network. If this is the case, either your
>> adapter's MAC address needs to be on the approved list, or you
>> need to fake your MAC address (which, while possible, is not an
>> easy thing to do).
>>
>> In general, if a network hides its SSID and/or uses encryption and/
>> or has a MAC address access list, it's because the administrator
>> doesn't want you to connect to it... and attempting to do so
>> (often even if that attempt is unsuccessful) could be a criminal
>> offence. In fact, it's just as much of an offence to connect to
>> an open network that broadcasts its SSID if you do so without
>> permission, but you can always use the "oh, my computer did it all
>> by itself" excuse in that case.
>>
>> Cheers,
>> Robin
>>
>>> Hi,
>>>
>>> I am using Kismac sometimes with my airport express card,
>>> sometimes with my dwl-122 and I realize that a lot of networks
>>> that are seen in KisMAC are not seen once it is quit and that I
>>> look at the networks found with my airport card alone, and so it
>>> is not possible to connect to those and use them. Is there a way
>>> to connect to these ? 'cause I suppose if it can be seen, it
>>> should be possible to connect to it in a way or the other...
>>>
>>> Thanks.
>>
>>
>> --
>>
>> ---------------------------------------------------------------------
>> ----
>> Robin L. Darroch - PO Box 2715, South Hedland WA 6722 - +61 421
>> 503 966
>> robin@xxxxxxxxxxxxx - robin@xxxxxxxxxxx - robin@xxxxxxxxxxxxx
>>
>>
>
>
>