You left out the watering the grass analogy.Originally Posted by Barry
Next thing you know they'll throw out listening to someone's radio through an open window, or using the light from their front porch to read a book on the sidewalk....
You left out the watering the grass analogy.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
Would that be the neighbor's sprinkler hitting your lawn, or physically grabbing their hose to water the yard?
Oh, there's also the "Their signal is in my house" argument.
Yes, connecting to an unsecured AP is just like walking into a strangers house just because his/her door was open. Both is illegal if without permission.Indeed Thorin. In the Netherlands this is called Computer tresspassing, which describes it poorly, but hey, it's not the hackers creating the law
Connecting to someone's unsecured wifi is dubious and unethical at least, so I don't think the mods will respond well to it.
Fully agreed: in all countries that I know this is the case.
I am just wondering about the otherside. If that false AP is bad as suspected, TMHO it is not illegal. If it is than all honeynets would be illegal too. Of course, I am talking here about "normal" countries vs countries like Germany where the simple fact of having a tool like backtrack is illegal.
There are ways to identify rogue access points on your network without connecting to them. If it's not on your network, it's not a rogue access point.
What about connecting to hotspots without anyone's permission? If it's illegal, wouldn't FON (hxxp://www.fon.com/en/info/whatsFon) be a total failure?
This is the reason why I was not talking about a rogue access point but about an open evil AP
If it is not you, it could well be a clueless user.
To illustrate my point, I will note two things: There are 8 un-encrypted networks within alfa range of my house at the moment. They are always on and rarely if ever have people connect to them. They are all owned by grandparents or older people who only surf when their kids are around. (Edit: I know this because I'm right on top of the local church and do support for all of them).
The other one is a user who brought a WAP in one day, installed it into a network plug and went wireless on their laptop because they were not permitted access to the corporate network. Their SSID was set to "linksys" by default, and no password. It was up to me (as the company sysadmin) to determine, detect and remove said device.
So, it's PROBABLY either a rogue AP (like the second instance) or it's a clueless user. The odds of you getting an evil AP individual with *only* the linksys SSID are phenomenally high - any attacker worth his wifi cards will be going for at least the top 20 to try and catch as many automatic-logons as possible.
My point here is it's either a rogue AP on a company network, and thus not your problem or concern (it is that of the admin's, regardless of how stupid they are), or it is someone who genuinely needs that (because their kids didn't fix it and they don't know). And even if it is an evil ap, it's not your concern because you shouldn't be breaking the law by connecting to it.
So, in the words of so many children of this and prior generations:
"Mind your own business"
Still not underestimating the power...
There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.
The FON networks are set up to be connected to, there's a difference. Though to be honest, most FON users are most likely breaking their ISP's TOS. Also I highly doubt a FON network is going to be called "linksys", or "netgear" or "2WireXXXX".... Now if you find an access point called "Free internets" then I'd say that's okay, but I wouldn't touch it.
Posting Permissions