I recently did my first bit of "cracking/hacking" I guess, although please don't be impressed because it was only possibly illegal and definitely trivial. Basically, I just plugged in my wifi card to my laptop and fired up dstumbler to see if there were any wireless networks around me. And there were a ton. My stars. Many of them without any encryption or protection at all. So naturally, I was curious to see if I could get on one of them.
So I picked the network with the strongest signal that didn't have encryption. It didn't automatically let me on via DHCP, but I did notice that it was a DLink wireless access point. I know the default network setup for those, since I own one, so five minutes later I had manually assigned myself an IP address and set my default gateway and DNS servers. Internet access was mine as well as a overwhelming feeling of victory and cleverness.
I figured this wireless network was one of two kinds, either
a) A purposely open wireless network, designed to give others free access. If so, my presence was no problem.
b) A wireless network carelessly left open. Was my presence illegal?
In any case, being paranoid, I assumed the latter. I was still really excited that I had gotten free internet access until I realized that I wanted to a) check my email
b) write in my weblog and c) chat on aim (well, actually gaim) - but of course I couldn't do any of those, because if I was doing something illegal, doing any of the aforementioned activities would give away some important piece of information concerning my identity. I could see the headlines: "Idiot hacker penetrates network, signs email with actual name, caught hours later."
So "breaking into" the network wasn't everything I thought it wouuld be cracked up to be. But it got me to thinking: what constitutes illegal access to wireless networks? If I just popped in my network card and got internet access without doing anything, would that be illegal? Even if they put no protection up against it? What about what I had, in fact, done? I just assigned myself a place on the network. I didn't specifically break any safeguards. The only thing "protecting" the network I got onto was the fact that the connection wasn't automatically set up by DHCP. I know of an actual hacker who does most of his hacking just using a web browser. He doesn't use holes in programs, he just accesses things carelessly left available to anyone on the internet. How much effort do you have to exert to access something before you are "breaking in"? And how much responsibility lies with those people who leave a system open to the public?
Posted by Ben at August 4, 2003 06:56 PMBen,
gaim? I didn't know you were of the Linux (or some form of UNIX) gild. Yay.
I don't think there are legal restrictions on it, as far as you're concerned. It's kind've like having a cellphone that joins a random cell owned by some company not affiliated with your provider.
I think the person who would have issues would be the owner of the access. If it was a cable/DSL user, they may be breaching their contract by (unintentionally, perhaps) sharing a connection with a third party. You would probably have nothing to worry about, unless you decided to scan nets and run exploits from the connection.
One of my friends used to work for a PD in northern IL. They have several files which show an interesting set of grafiti that police/others have identified as indicators of wireless networks, open/closed status and encryption. He quietly mailed me a copy -- frankly, I was surprised that the police department was in the know about such "phreaker/cracker" related stuff.
But yeah, anyhow... :)
Posted by: Damacus at August 6, 2003 08:04 AMDo you remember when you only had to pay for windows when *you* broke
them?
-- Noel Maddy
lipitor