Connect to Wireless Network, Go Directly to Jail?

Wireless networking presents some special security challenges. In order for data communications to take place without cables, those communications travel across the airwaves using radio frequencies, much as AM/FM programming transmissions do. And just as anyone who has the proper equipment can pick up an AM or FM broadcast, anyone with the proper equipment can pick up wireless data transmissions.

Wireless networking has become tremendously popular for both business and home networks. Most use the 802.11b or 802.11g (which is backwards-compatible with b) technologies, referred to as wi-fi. Many new laptops and handheld computers come with wi-fi network cards built in, and Windows XP and Windows Mobile (Pocket PC) operating systems support wireless networking "out of the box."

If you're in range of a wireless network, just configure a few simple settings and you're in business. You can connect to public wi-fi "hotspots," your company's wireless network, or even the wireless home network that your next door neighbor set up so he could move around the house with his laptop and still connect to the Internet. If the wireless network you connect to is connected to the Internet, you can surf the Web or send e-mail through that Internet connection.

Setting up your own wireless network is not much more difficult. Just buy an inexpensive wireless access point (WAP) from D-Link or Linksys and plug it into your cable or DSL modem or your home network's router. You can use your wireless equipped computer to access your network from anyplace within range of the WAP's antenna - typically about 300 feet, but you can boost the signal with a repeater or by replacing the WAP's built in antenna with an external high-gain antenna.

The problem is that someone sitting in a car in front of your house, or your neighbor next door (especially if you live in an apartment or condo) may also be able to pick up your signal, use your bandwidth to surf the 'Net and, if you don't have the proper access controls in place, even access the files on your computer.

There are security mechanisms that you can enable to help prevent this. You can turn on encryption on the WAP, which will require that all wireless users know the password to be able to connect (if your WAP and wireless computers support it, use WPA encryption instead of WEP, as it's stronger). You can turn off SSID broadcasting, which will prevent your WAP from sending out its network name (Service Set Identifier) over the air to show up in others' list of available networks. You can enable MAC filtering, which allows you to specify that only computers with the physical addresses (an address that's programmed into each network interface card) you list are allowed to connect.

But many people who set up wireless networks don't do any of these things, and the network is wide open for anyone to connect. If you've ever traveled with your wireless-equipped laptop, you've probably seen other people's networks pop up in your list of available networks. What happens if you click the Connect button? Well, in some places, you might go to jail.

Last week in St. Petersburg, Florida, a man was arrested for connecting to someone else's wireless home network. You can read about it here:
http://www.wxpnews.com/rd/rd.cfm?id=...ED-WiFi_Access
He was charged with unauthorized access to a computer network.

This case is likely to set a legal precedent; legal opinions vary as to whether the government have a case. Some attorneys I've talked to argue that connecting to an unsecured wireless network is somewhat like walking across someone's yard when they haven't posted a "no trespassing" sign or otherwise given notice that you're not allowed. There are hundreds or thousands of "freenets" all over the country - wireless networks people set up with the intent to share them with the public. Can the defendant reasonably claim that by choosing not to use encryption or other security mechanisms, the network owner gave implicit consent for members of the public to use his signal?

Some others say it's more like intercepting someone's cell phone conversation. There are federal laws (specifically, the Counterfeit Access Device Law) that make it illegal to use a radio scanner to knowingly eavesdrop on cell phone conversations. Some states also have laws prohibiting intercepting telephone conversations of any kind without the consent of all parties involved.

What do you think? Should it be illegal to connect to a wireless network when that network's signal is available in a place where you're legally entitled to be? Should the burden be on the network owner to "give notice" that access is prohibited by enabling security? Is "war driving" (looking for open wireless networks and connecting to them to use their Internet connections) a harmless practice or theft of network bandwidth? Does it make a difference whether the network owner's ISP charges by the kilobyte for access or provides unlimited access for a set fee? Let us know what you think at feedback@wxpnews.com.