Free Ebook.


Enter your email address:

Delivered by FeedBurner

« We're Getting Zero Financial Aid for Our Kids | Main | Good Ways to Deal with a Gift Card You Don't Like? »

September 08, 2008

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

It doesn't matter what everyone at work thinks. The fact of the matter is that someone else is paying for it, and you are not. If the owner of the network gives you permission to use it, that's another story.

And yes, it does make you a hypocrite if you use it in the interim.

Let me tell you one thing.... it is unsafe for the owner to leave his wireless router unsecured, not soo much that others are using his bandwidth, but because a person can do a network sniff and steal your identity and finaincial info if they wanted to.

Now for you to use THEIR unsecure network, you're opening yourself to this danger also.

moral, law, legality issues asside. You're just putting yourself in risky behaviors...

it's kinda ironic for you to steal someone elses internet, in the mean while someone else is stealing your indentity. hehe. sorry.. kinda amusing.

If I was young and broke, I'd go for it. I prefer my own router now though. Don't expect reliable internet access, either. You may not be getting strong signals and if for some reason the router needs resetting, you are out of luck until your neighbor fixes it.

It's wrong and possibly illegal. In fact, I would start things off on the right foot and tell your neighbor he/she is exposed - if you can figure out who it is.

If your roommate doesn't want to pay for internet, tell him to go to the library, not to steal it from neighbors.

Why would this be illegal? His neighbors WIFI is entering his apartment. He's not breaking into his neighbors apartment to use it. I don't see an ethical or illegal issue.

Ethics aside, think of it this way:
Do you want to trust all of your internet data/browsing to the security of someone else's network? Specifically, someone who hasn't put a password on their network?
This is but one of many ways personal data like bank logins and passwords can be stolen. I'm very much with Dangger on this one.

It's not illegal, but I wouldn't do it simply for security reasons. No way would I broadcast personal information over an unsecured network, especially not a stationary one.

Chances are it won't take that long for them to figure out that someone else is using their internet. Especially when things start to slow down or your computers appear on their network list.

I understand using it in the mean time... But what is going to happen when he shuts you out and you are stuck waiting for the cable guy for a second time.

I lived in an apartment a couple years back with a similar situation. The security issue is one to worry about, but it depends on if you do any online purchasing from home or now. I always trusted my work computer's security over my home PC's, as they employ an IT dept at work, and I'm not IT. I found it to be terribly unreliable and ultimately worth it to pay for it myself.

However, since you asked, here's my advice. See if you can figure out who the router belongs to. It's an unsecured connection, so whoever that person is has put their own information at risk. Knock on their door, introduce yourself, and explain the situation. Say they've got their router unsecured and are potentially exposing information they don't want to share. Offer to secure their router (not difficult), and then ask if you can pitch in a few bucks a month for access. If you and your roommate chip in $5-$10 a month a piece, it's still cheaper then paying for it yourselves, saves the guy up/downstairs a few bucks, AND has the benefit of providing something the guy needs anyway. Namely keeping his computer info private. And if he says no, you're back where you started anyways.

Be very careful with this. Check the laws in your state about Wi-Fi "piggybacking" or "freeloading". I'm not aware of any Federal Laws, but some states have laws against it. Personally, I wouldn't risk it. However, one thing you can do, which could possibly endear you to your neighbor, is to let them know that they are operating an open wi-fi connection and they are risking someone hacking into their home systems and stealing their personal data. Then help them secure the router. They may offer to let you use their connection by providing you with the password. If that is the case, then you are free and clear because you have clear permission.

But using that connection without asking for it is like finding a house with the door unlocked, going in, and eating out of their fridge. It is stealing.

I agree with most of the comments: it is unethical at best, and stealing at worst. Adults pay their way in life.

This is the same situation as "filesharing"--justification of bad behavior doesn't correct the bad behavior.

The bigger question that you should be concerned about is your roommate. If he would steal from a stranger (and worse, can't understand that it is stealing even when confronted with it), how can you trust him with your stuff? "Community food" indeed.

And heaven forbid your roommate does something illegal on that network, that you are agreed to go along with.

Much cheaper to get your own service.

I take a slightly different angle on this - I see unsecured WiFi as the equivalent of a wallet lying on the street. Sure, the owner was careless by losing the wallet or not securing the network, but I would return the wallet if I found it (money, if any, intact) and I'd not use the neighbors bandwidth. Much like the discussion about bringing food into theaters that don't allow it, this is kind of a petty thing to break an ethical structure over (if you have the kind of ethics that would return a found wallet, that is); I'd need to be engaging in some serious "bigger things at stake" activity to not return that wallet or to highjack a network connection. It's not like someone is going to die if you don't use the neighbor's bandwidth after all.

1) Ethically gray. I wouldn't quite call it stealing, but you are using something that someone else paid for, and PROBABLY did not intend to share. (If the name of the network is "Open WIFI" or "FREE WiFi" or something along those lines, then I assume the person who owns the router left the WiFi open on purpose - but if it's "Linksys" or "Default", then they just don't know what they're doing.)
2) Some states/towns have laws against it.
3) Some ISPs have rules against it - be a good neighbor and don't cause his network to get shut down without warning.
4) Insecure - if you can get onto his network, so can anyone else - and see what YOU'RE doing.

I think Dangger is right. The network owner should lock it up themselves. I keep my network on WPA and use a very non-descript network name.

As far as illegal, I suppose you could say theft of services. But I don't see how someone would get caught. It would take some very advanced network tools to detect an unauthorized access to an open network and then to trace it back to your PC specifically. If your neighbor was *that* sophisitcated they should know better than to level their network wide open!

As for unethical, If I were you I wouldn't be loosing any sleep over it. But that's just me.

I'm shocked people still ask questions like this, when they know the answer, they just wish someone would justify their behavior for them.

So I'll dress just the question of law. There are federal statutes (ECPA) and state statutes regardng unauthorized access to a computer network. Doesn't matter whether it was left without a password or not. Usually, these statutes makes the crime a felony and practically any computer connected to the internet usually falls under the definition of a "protected computer". If your neighbor leaves his door open, that doesn't give you permission to come into his house and steal. The analogy that the wifi is "entering his place" is b.s., Actually, the stealer is entering the other person's place, as that's where the router is that is accessing the net. People have been prosecuted for this, although usually the focus is on hackers, identity thefters or people being totally outrageous about it (sitting in a neighbors driveway). But expect complaints to go up as all cable companies go to capped broadband bandwith. Maybe the ethics will sink in more for you when your neighbor has to pay more becuase your too cheap to pay for your own bandwith.

A few years back a neighbor and I split the bill. I suggest finding the neighbor that has the connection and suggesting helping to pay half the bill...

Come on people ... back to the movie theatre analogy ... perhaps it should be illegal to share a large popcorn and then get a free refill ... loosen up everyone.

There's nothing illegal about sharing, but there's something unethical about using someone else's stuff while not having permission.

Why not just ask the neighbor if it's OK? Perhaps even offer to pay part of their internet bill to cover your bandwidth usage?

If the neighbor says "yes" then by all means, use their bandwidth. If they say "no" and you do it anyway, you're stealing. And if you're not willing to ask, then you're deciding that you're willing to steal.

I see no downside to asking.

Actually, I'm far from sure that use of an unsecured wireless network constitutes unauthorized access to a computer (which is what the statute is usually directed against). The freeloader is not accessing the paying customer's files. And proving intent to make *unauthorized* access is difficult if there is no security.

In fact, while I haven't studied the ECPA in depth, it does specifically state that it does not forbid people to

"intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public."

That's what an unsecured wireless network is.

(Note: I am not saying there aren't stupid state laws on this point. There may well be. But I have only found a case like that in Michigan, so FMF, don't do this yourself!)

Personally, I wouldn't do it because it's not safe, as others have said above. Ethically, I am not sure it is incumbent upon you to assume that when a person deliberately makes a service publicly available, you can't make use of that service because he might not have meant it. This is not analogous to finding a wallet dropped on the street; almost no one will ever leave their wallet behind on the street on purpose. Someone had to go in and set up their wireless and leave it accessible to the world. That's not even an unanticipated side effect of some other choice; refusing to put in a password has only one effect, that anyone can log in. Some people do that intentionally. (I'd do it if I weren't afraid of some jerk downloading child porn or something via my network.)

Oh, and Tim: "His neighbors WIFI is entering his apartment. He's not breaking into his neighbors apartment to use it."

The signal goes both ways. His neighbor's wifi is reaching his card, and his card is communicating back. Now, the moment he starts using up his neighbor's cable or other bandwidth, he's gone beyond the mere accident of signals not stopping at the wall, and made an INTENTIONAL choice to use a service someone else is paying for, without permission.

Getting permission is easy. Go knock on the door and introduce yourself. You may manage to make a friend, and you'll keep yourself from becoming a thief in the process.

I recommend:

1) You get your own internet connection and not mooch off your neighbor's bandwidth,

and

2) Tell your neighbor he's taking a big risk leaving his wireless connection open and unsecured, because anyone with a "sniffer" can capture his usernames and passwords for his email, banking, and everything else.

Being frugal means being disciplined and responsible--in matters such as avoiding impulse buys and living on less than you earn. Illicitly "borrowing" your neighbor's internet connection is not frugal--it's just damn cheap.

Tim - did you miss all the previous comments saying that there are laws against this exact behavior? It apples and oranges when comparing this to getting a free refill.

If you're going to use it and the connection is good, just tell the neighbor and offer him something small for its use (like pay for him for one month of service, that is what a friend of mine did out of courtesy when his roommate set up a connection, and the roommate was thrilled to get it).

Frankly, I wouldn't share an unsecured connection in an apartment building where countless people could get access. (Too much financial and confidential work info I need secured).

"Tim - did you miss all the previous comments saying that there are laws against this exact behavior? It apples and oranges when comparing this to getting a free refill."

I don't believe there are laws against this ... except for perhaps local laws that are really intended for hacking.

"The signal goes both ways. His neighbor's wifi is reaching his card, and his card is communicating back. Now, the moment he starts using up his neighbor's cable or other bandwidth, he's gone beyond the mere accident of signals not stopping at the wall, and made an INTENTIONAL choice to use a service someone else is paying for, without permission."

True, the signal goes both ways, but if you connect to your neighbors WiFi, are are in effect granted permission from your neighbors router. I don't have an issue with knocking on your neighbors door, but this is not illegal (unless local laws apply not do I think it is unethical).

Before everyone jumps on your case with an overbearing amount of judgmental hysteria just be a good sport and get your own connection. Not b/c you're a horrible leech and not b/c it's equivalent to a keeping a wallet you found on the street. It's not equivalent to anything, it just is what it is.

You need your own connection b/c your neighbor's could go down at any moment and if it isn't secure that means you're not secure either if you use it and you wouldn't want your financial info compromised.

This is something I would've done in my 20's but luckily I've grew up since then and wouldn't do this sort of thing b/c it simply doesn't "feel" right, does it? I mean you're asking b/c you already know the answer aren't you? Follow your own intuition.

Well said Matt.

Sarah, I used to work for CCIPS. It's a violation of many state laws, even without resorting to basic trespass and tort theories. As for ECPA, in my haste I swapped the acronyms of two different statutes. ECPA is part of the wire tapping statutes and you are right about you say it says about open networks, although people still run afoul of that law in some cases. What I was actually thinking of was CFAA (computer fraud and abuse act).

I don't believe accessing an open WiFi network is against CFAA. It also applies to a "protected computer" not an open WiFi network.


Oh, and before someone bothers parsing through CFAA, it's unlikely to be used on a casual person because it does have a $5000 damages threshold. However, it has served as a model for many state laws. Michigan, seeing as they were one of the first to clone CCIPs on a state level in their policing/prosecuting efforts, is one of the states that has such a law. So does FL, IL and WA to name a few.

Oh, and before someone bothers parsing through CFAA, it's unlikely to be used on a casual person because it does have a $5000 damages threshold. However, it has served as a model for many state laws. Michigan, seeing as they were one of the first to clone CCIPs on a state level in their policing/prosecuting efforts, is one of the states that has such a law. So does FL, IL and WA to name a few.

Tim, "protected computer" is a term to designate which computers are within the scope of the act, not whether there's a password on the computer or not. And the term is almost meaningless, given that practically every computer falls under the definition these days because it is hooked up to the net.

tim, that's not what "protected computer" is referring to. it's a term to distinguish between the computers covered by the act and those that aren't. It has nothing to do with whether there is a password on the computer. And, with all computers basically hooked up to the net these days, it's becoming almost a meaningless part of the statute.

can't vouch for its accuracy, but here's a site I found in a ten-second search that attempts to examine all state laws on the subject. Not saying his analysis is right (I haven't checked it), but suffice it to say, don't think the terrain is a blank slate.

http://www.cybertelecom.org/Security/crimestates.htm

My friend has done it for about 4 years now and he still doesn't care. It is DSL service so whenever one computer takes on a large piece of the connection, it slows everyone else down.

He has times when it takes minutes to load a web page. Yet he doesn't mind.

I think it is somewhat wrong but if it was me, I wouldn't be able to stand it. I need the fastest speed possible.

"Tim, "protected computer" is a term to designate which computers are within the scope of the act, not whether there's a password on the computer or not."

I agree, but an open WiFi network is not part of the scope for "protected computer". The scope of a "protected computer" in the act is a financial institution. This does not apply to using an open WiFi.


I wouldn't do it. I'd consider it unethical since you are using their service without their permission or knowledge. I'd also be concerned about using an unsecured network in general.

Maybe if you ask the neighbor if they mind then thats a different matter. THey might have set it up unsecured on purpose so that neighbors can use it for free. Or maybe if you chip in some of the cost of their internet then they'll be happy for you to share their connection.

Jim

That chart, if accurate, indicates that there's a lot of variation among state laws. I don't know why the enthusiasm for its being illegal among commentators, though. I think a law requiring specific intent or conjunction with some other, real, crime makes by far the most sense. Since there is nothing inherently wrong or harmful about logging onto a wireless network in itself, there should be some connection with a real crime or clear evidence that the access was forbidden by the owner to make it illegal.

Honestly, though, whether it's legal or not doesn't have a great deal of impact on my own analysis of whether it's ethical (as opposed to whether it's a good idea!). Person installs a service readily usable by others unless person chooses to restrict access. Access restriction is simple and entails no meaningful restriction on use by the owner. Person can choose to restrict access any time person chooses if person changes his mind. Yet person continues to choose not to restrict access. Why exactly is a stranger supposed to feel it's wrong to use the service for any legal purpose?

By the way, assuming other people's computers *are* protected computers (the showing for "involved in interstate or foreign commerce or communication" is probably pretty low), the CFAA still requires that the individual "intentionally accesses a computer without authorization or exceeds authorized access". Doubtful that such language would be applied to someone logging on to a deliberately unsecured network. Not impossible, but doubtful; difficult to prove intent to access without authorization when the owner has chosen to require none. How the case would come out on appeal would probably depend on whether it was the Langley Cooking Club's network or Joe-Bob's home network.

Find the neighbor and offer to pay part of their bill...

I wouldn't use someone else's internet connection. Several reasons first off is that your connection is now dependent on someone else paying their bill, them not moving, them not locking the wifi connection. Also some internet service providers are now metering the connection in a similar manner to your water/electric bill. The other thing is that it can be illegal in some areas as mentioned earlier.

If you have to post an ethical question, you already know the answer. You can not use other people's opinion to justify what you know to be wrong for yourself and that is the only person you need to be truthful to. Don't betray yourself or your beliefs.

What I find is that when people leave a network unsecure like their neighbor, their internet is going to be used and abused by anyone with a wireless card. Get your own internet if you want to do things like watch shows on network sites and play multiplayer games that require internet. Ignore your roommate, get your own internet. Sure 'free' is awesome, but you'll sacrifice speed and your own morals as a price.

2 repercussions if you follow your friend's advice:

1. Your neighbor will eventually find it out. You will be ashamed the next time you meet each other
2. Your own security is at risk. Any information you have in your laptop/pc remains at risk and can be easily accessed by the owner of that "free" internet.

Screw your friend's advice and have your own internet connection.

Sam

How do you know whether the neighbor has set up a honeypot? Are packet sniffer programs running?

Anything you send over his connection and router/modem is discoverable by him and others who maybe listening in.

So you feel safe in sending passwords, usernames, bank account numbers and what not over the air. One of the biggest breaches of a companies security was from people finding an open Access Point and stealing over 1 million account numbers and personal details. Which were then resold and used by others to obtain money.

Do not assume that a site you are visiting that is secure is secure when transmitting via wi-fi. Read up on the Black Hat Conferences and what they can do.

Plus it is becoming illegal in many areas, as well as unethical.

Use it, but don't forget to share your internet when you're paying for it.

I leave my router unprotected so that people who need to use it can.

However, when using an unsecured router you need to realize that:

a) Anyone on the router see everything you do that isn't secure (eg. email!)
b) The router owner could mess with your browsing (eg. redirect wellsfargo.com to wellsfargo.ru) ... even set up traps to steal your passwords.
c) Anyone on the router can access your shared folders and printers


I lock down my own computers and keep an eye on who's using my router. If anyone is using up all the bandwidth, I kick them off. Other than that though, I'm more than happy to let people use my bandwidth and wireless.

It's already paid for, and I can't use it all, so why not? (and it's not against the TOS with my provider)

As for permission...

Have your computer ask the router for permission to connect to the internet. [This is called a DHCP request]

If you can connect without breaking encryption or manually setting your internet address [IP address] then you've got permission. [a DHCP lease]

You can't connect to the internet without the router giving you it's permission without doing special configuration on your part.


ANALAGY TIME!

If the 7-11 doesn't want people coming in, they shouldn't have their automatic doors opening for everyone who walks up to them. The fact that the doors do open when you walk up to them indicates to you that it's OK to enter. The fact that you are given an IP address when you 'walk up to' the router indicates that it is ok to use it.

When you're in a 7-11, you don't hog all the slurpie machines at once, go into the employee's only area or take stuff that's not yours. When you're on someone else's network, don't use all the bandwidth, don't access their personal files and don't read their emails.

I worked in computer security. I can tell you it is fairly easy to steal someone's info off of an unsecured router. In fact, people often set up unsecured wireless routers to do just this.

I wouldn't use an unsecured router to do any sort of important or private activity.

Ask your neighbor and offer to pay. You may very well find that your neighbor knows that people can access the network and is ok w/that. A friend of mine did something like that: had an open network and anyone in her apartment building could use it. She figured she'd take the risk, but so far people have been really respectful (not doing bad things on her network.)

That way, your conscience is clear. But unless you really trust this person, I wouldn't recommend doing anything remotely confidential.

A question for all these "security" experts that keep chiming in. What is the purpose of https (Hypertext Transfer Protocol over Secure Socket Layer)? My understanding is that https is far more difficult to crack than most forms of wifi encryption. So if I connect to my bank over https using an unsecured wifi, how exactly does the sniffer give you my passwords? Or if I connect to a server using SSH over the unsecure link you can just sniff my password right out? While having a secure wifi connection will improve security at the link layer, if your higher level services are already encrypted (often even more securely) who really gives a crap if my link is encrypted or not?

Second if you use some else's wifi, but you are well behaved and they never notice, who cares? Unlike the hose analogy, I'd see this as more like going through someone's trash. They've got alot of bandwidth they aren't using and are throwing away, you come by and pick up those unwanted bits for free. Would it be unethical to start hosting servers or running bittorrent using someone else's connection? Of course. But a couple web browsing sessions and some email? It's just like walking on their sidewalk, if they didn't want you, they'd put up a fence.

It's theft. Go next door and tell the guy he should use WEP or some other encryption. Pay for your own internet. It's part of being an adult.

The comments to this entry are closed.

Start a Blog


Disclaimer


  • Any information shared on Free Money Finance does not constitute financial advice. The Website is intended to provide general information only and does not attempt to give you advice that relates to your specific circumstances. You are advised to discuss your specific requirements with an independent financial adviser. Per FTC guidelines, this website may be compensated by companies mentioned through advertising, affiliate programs or otherwise. All posts are © 2005-2012, Free Money Finance.

Stats