Punishing unauthorized wireless access

In this thread in GQ, saoirse posted a question about a name for using someone else’s wireless internet. Derleth pointed out all the interesting things you can do when someone connects through your hardware. So, I’m wondering, what do people think about doing that kind of thing? I assume the question varies by what you do. Some specific ones I wonder about-
How about the trick Derleth noted about inverting all images they see?
What about redirecting them to a different site? What if that site is obscene or otherwise inappropriate.?
How about pulling passwords or even bank account numbers? I’m pretty sure using them is well beyond what is acceptable, but just pulling them?

A lot of specific questions, but the main question is, what do you think is acceptable to do to someone using your wireless without permission?

I think it would be much simpler to just prevent them from connecting in the first place.

The inversed and blurry deterrants are just so absurd and lovely. I have a feeling I’d like the perpetrator in real life.

As an established ganker of Internets, I wouldn’t expect that anything I do online while not on my own secure connection isn’t being read, manipulated, etc. So I would say, anything not illegal is fair game.

beowulff, your right about that. This is a hypothetical question. I don’t (at the very moment) have a personal wireless network. When I do, it will be WPA encrypted and all that fun stuff.
If you need a situation it applies, maybe someone has an older wireless device that doesn’t handle WEP well and needs an open network.
As for my personal answer, I think manipulating what they are receiving is fair game, and manipulating it in an obscene way or taking info is more towards the sketchy end.

Our home wireless network was installed and is monitored by my son. So all my information about it comes from him. As to his attitude, well, if he’s driving and gets lost, he pops out his laptop and skims until he can find a hookup to hit mapquest with. He sees open networks as a desirable resource donated to the community, but one that shouldn’t be abused.

So when he checked and discovered that someone was riding our network, he just monitored it for awhile. Then he said that whoever it was had ordered the network to treat his connection as if it were five attachments, rather than one. That gave the rider five times the bandwidth of any of our machines, which torked the boy off and got that connection forbidden really fast.

So if you drive by our house and hook up for a short time - no problem. Start hogging bandwidth and scorn will be heaped upon you. I don’t think he’d bother tweaking the stream. You’re either welcome to stop by or persona non grata.

A lot of people are unfortunately very uneducated when it comes to computers and computer crimes. I know several people who never really thought about what it means to use someone else’s unsecured wireless connection. They see the connection and think “hey, cool, I can connect here!”, as if it’s something like a public drinking fountain. I’d feel badly about messing with those types, because they likely wouldn’t understand they’re being messed with, considering they don’t understand they’re doing anything wrong in the first place. I think I’d start with redirecting to a site that essentially tells them “stealing bandwidth is illegal, get off my wireless network” (like this).

Now, if someone continued to abuse my wireless despite warnings, well, stealing bandwidth is a prosecutable offense pretty much anywhere. If they’ve been given fair warning and ignore it, the best “revenge” would be reporting the crime and letting the legal system deal with them. That said, secure your network and you won’t have to deal with people leeching bandwidth unless they’re serious hackers - locks do only keep out honest people, after all.

By the way, Yllaria, you might want to talk to your son about securing your network. If someone conducts illegal activities via your wireless network, it will come back to you. For example, your ISP will hold you accountable for spamming done via your connection, which could cause them to discontinue service. Cite

How can you see if someone else is logged on using your router? My router configuration pages don’t show any ready way of doing so. But it sounds like some of you (Yllaria’s son, for example) have ways of monitoring this.

We do have ours secured (WPA) but this thread reminds me that there is doubtless more we can/should do.

Mama Zappa, it depends on the router.
One way that I’m sure is on the vast majority of routers is logging everything that goes through it. You should be able to find a page that will show you what computer connected to what website, and if one of those computers aren’t yours, then you know you have a problem.
With WPA, you should be ok… WEP can be cracked fairly easily, but WPA is much tougher.

Non-techie here. I’ve tried to get instructions through our providers of wireless to give me CLEAR instructions on how to secure our connection.

I followed the instructions to the best of my ability and now cannot log on at all without using another wireless in the neighbourhood.

I didn’t realize it was that bad.

Now I can’t get a response from our provider and am stuck. I think it had something to do with choosing a password or letting the system choose one. I picked let the system and now I can’t get past it (duh!).

What do you mean by “that bad”? Using someone else’s wireless? While illegal (I believe), the ethics are debatable. If you mean the kinds of things people can do while your connected… well, you can take some consolation in that if someone doesn’t know how to secure their router, they probably don’t know how to do much to your connection.

For your issue with wireless, I can’t tell you much without knowing the make/model of the router, but if you hold the reset button on the back for 30 seconds, it should reset to factory defaults. Not sure if thats a good idea if your wireless router is also your connection to the internet though.

Unauthorized use of telecommunication services is considered theft and is illegal in Canada. Cite Canadiangirl, you should probably get the situation cleared up as soon as possible for your own safety. In the U.S., laws vary from State to State, but you may be facing a class three felony (Cite). And in the UK, you may face fines and jail time (Cite 1, Cite 2).

As far as the ethics of co-opting someone’s wireless signal, look at it this way: if you leave your keys in the ignition, does that give someone the right to take your car for a joyride? Theft is theft, whether the door was unlocked or not.

There’s a reset button on your router - hold it in for 10 seconds (or when powering up the router) and it will reset to the factory defaults.

No argument that it’s illegal, but this is a pretty poor analogy. If you leave your speakers on, does that give someone a right to listen to your music? If you leave your network set up to broadcast its presence and gladly accept connections with no warning or authorization required, it ought to be legal to use the connection.

I’m having difficulty imagining a scenario in which someone could eavesdrop on home speakers without trespassing. Regardless, eavesdropping on music doesn’t have the potential to cause issues for the stereo owner the way excessive bandwidth use or spamming would cause ISP problems. To me, the ethics of joyriding v. wireless use are identical; something that isn’t mine is just sitting there for me to use or not use. The key words being “isn’t mine” - therefore, I’m not going to use it without permission whether it’s sitting there for anyone to take, or behind locked doors.

Please understand, I’m of the belief that wireless owners have a responsibility to educate themselves and secure their connections. At the same time, I don’t believe something being unsecured implies permission to use freely. I would feel I was taking advantage of someone to use an unsecured wireless connection - I don’t pay for it, I don’t have a right to it any more than I have a right to hook up my hose to my next door neighbour’s spigot, or walk into their unlocked home to watch their cable TV.

I think that ethical analogy has a major flaw. You don’t account for what the wireless users (either of them) are doing. If you borrow someones wireless to download your email, it takes a trivial amount of bandwidth that the owner was more than likely not using. The owner wouldn’t even notice unless he went back through the logs. The car deprives you of use of the vehicle, creates wear and tear, uses gas, and has a chance of destroying the car if the joyrider gets in an accident.
Your analogy gets closer if the wireless hijacker is using the wireless to spam/download huge files and take all the bandwidth (see Yllaria’s post about the wardriver taking five connections). In that situation, I still may not quite agree with you, but it’s much closer.

Just to add:

modifying the data stream to someone attached to your wireless network requires the use of a proxy server and some tricky firewall rules - the usual configuration is a linux system with squid as a transparent proxy. While it may seem fun, it’s not trivial to set up.

As for the ethics of sharing/piggybacking/jacking/…, it is more and more common for DSL/Cable accounts to have data use caps, with penalty fees for traffic that goes over the limit. Securing your wireless is as much about preventing unexpected costs, inappropriate use and possible civil or criminal proceedings. Tragedy of the Commons is fairly clear on why this is the case.

Si

Absolutely agree with you.

In this case the guy was guilty (he had porn on CDs as well), but the case was brought because someone sent an image over IM and it logged his IP address. He argued that because his WAP was unsecured it could have been anyone connected to his network.

Anyone connecting to your WAP and going online would do so with your IP address… so anything they do would lead back to you. In this day and age where even allegations concerning child abuse can ruin you professionally and personally (it even forces some people to suicide) you have to be very careful.

Well, it’s your IP address that will be listed as accessing that site… so if the site is obscene then you might face prosecution (see above).

I would also be very hesitant about doing anything to someone who was connected to my network (even without my permission). It’s a criminal offence to make alterations to a computer system without permission, and the penalties are more severe than those for hopping on an unsecured network. Similarly ID theft (if you were to sniff their traffic and get credit card details or passwords and logins) is an even more serious offence. You couldn’t use the defence that they were stealing from you, any more than you can torture or punish a caught burglar. You’re not allowed to take the law into your own hands.

I agree, the car situation is a bad example when comparing the potential impact v. wireless “borrowing”. The situations are the same to me from an ethical standpoint, however, because both are essentially taking advantage of someone’s ignorance or oversight. To me, it doesn’t matter how trivial some might consider the use if it isn’t mine to use. Yllaria’s son is likely the exception, not the rule; most people don’t leave their wireless unsecured as a favour to those around them. I understand the grey areas here, and I understand your viewpoint. I just don’t agree that something being unsecured implies permission to use, whether it be a car, a sprinkler system, a cable TV connection, or a wireless network.

I was just asking for terminology in the other thread, so I didn’t really get into the ethics, but how about the example I used there. If you’re next door to a cafe that has a “Hot Spot” sign in the window, and find that if you sit close to the property line, you can use their signal?