Should browsing on an unsecured wireless network become legal?

[Jack Tingle]

I just set up a wifi router. It never occurred to me that anyone would deliberately leave one unsecured. I figured they just had trouble doing it and gave up, or didn't know you could secure one. The things you learn.

Regards,
Jack Tingle

[pshrynk]

I have no idea how to secure a router, but I think it may explain why my connections keep getting fropped. How do I do this thing?

[desertgrandma]

Quote:

Originally Posted by pshrynk

I have no idea how to secure a router, but I think it may explain why my connections keep getting fropped. How do I do this thing?

I have my connection thru Cox. They walk you thru the 'securing' process, and if they can't help you, they give you another number to call. THOSE people were awesome.

I secured mine, not because I don't want to share bandwidth, but because I was told it would be easy for a hacker to steal data. Obviously, not just anyone could do there, but there are people out there who do.

[Steven Lyle Jordan]

When it comes to electronics, the majority of people just want to plug it in and see it work... and if it does, they're done. Since most wifi routers come set to default unsecured settings, that's what most people set up.

It isn't until they are advised to secure their network to protect their service, or after a nearby user maxes out their bandwidth, that many people will secure their network... and I suspect many of them have their ISP do the work or talk them through it, so they don't know too well how it works.

Pshrynk, what you have to do in a nutshell is to input a reasonably secure password for your wifi router, and set up your computers to use that password when accessing the net through the router. The details, however, depend on your service and equipment, so I cannot give you much more than that.

If your ISP provided the equipment, they can help... and the router's instruction book should also be able to talk you through it. Most Geek Squad-type services will be able to help you with that, too.

[Steven Lyle Jordan]

Quote:

Originally Posted by desertgrandma

I secured mine, not because I don't want to share bandwidth, but because I was told it would be easy for a hacker to steal data.

That is the other big deal about unsecured WiFi... who wants to risk someone else outside accessing your PC and downloading, say, your Quicken database, a client list, or personal e-mails? Even if you don't care about people accessing the web, you're better off securing your connection for your own safety. (I'd bet this is the reason why most people secure their WiFi.)

[tompe]

Quote:

Originally Posted by Steve Jordan

That is the other big deal about unsecured WiFi... who wants to risk someone else outside accessing your PC and downloading, say, your Quicken database, a client list, or personal e-mails? Even if you don't care about people accessing the web, you're better off securing your connection for your own safety. (I'd bet this is the reason why most people secure their WiFi.)

I think that also. And it always lead to problem when friends bring a laptop or other equipment and ask for a connection.

Regarding securing a router. Nowadays you usually just point your browser to the router (see the manual) and configure it there. It is usually not very hard. Usually you have to connect a computer with a cable to be able to configure the router. You cannot do it using the WiFi.

[rlauzon]

Quote:

Originally Posted by desertgrandma

I secured mine, not because I don't want to share bandwidth, but because I was told it would be easy for a hacker to steal data. Obviously, not just anyone could do there, but there are people out there who do.

That's not quite true. Wireless networking is inherently insecure - especially if you are using the standard off-the-shelf equipment (which most of use at home).

Bruce Schneier has a nice article on this topic.

In a nutshell: if you have a "secure" wireless network, the bad guys can still break in - so it's not secure. If your network is open, you can deny that you had anything do to with the bad guys using your open network. It's harder to deny that when your network is "secure" - especially when you are in a court filled with non-technical people.

[desertgrandma]

Quote:

Originally Posted by rlauzon

That's not quite true. Wireless networking is inherently insecure - especially if you are using the standard off-the-shelf equipment (which most of use at home).

Bruce Schneier has a nice article on this topic.

In a nutshell: if you have a "secure" wireless network, the bad guys can still break in - so it's not secure. If your network is open, you can deny that you had anything do to with the bad guys using your open network. It's harder to deny that when your network is "secure" - especially when you are in a court filled with non-technical people.

I understand that nothing is totally 'secure' these days. My house, my wireless, my car.....my life. If someone really wants in, they can get in.
However, isn't it only prudent to take what precautions you can, and stay alert?
I'd feel really stupid if someone hacked my bank account because I didn't secure my connection. Or robbed my house because I left the door unlocked.
BUT if I took the proper steps, and they did it anyway, I could shoot them with a clear conscience......

[NatCh]

Quote:

Originally Posted by desertgrandma

BUT if I took the proper steps, and they did it anyway, I could shoot them with a clear conscience......

.....Ha!

[rlauzon]

Quote:

Originally Posted by desertgrandma

I understand that nothing is totally 'secure' these days. My house, my wireless, my car.....my life. If someone really wants in, they can get in.
However, isn't it only prudent to take what precautions you can, and stay alert?
I'd feel really stupid if someone hacked my bank account because I didn't secure my connection. Or robbed my house because I left the door unlocked.
BUT if I took the proper steps, and they did it anyway, I could shoot them with a clear conscience......

So, you take proper precautions, "secure" your wireless network. Then you go off on vacation for a few days. In the meantime, a bad person pulls up in front of your house, parking on the public street. He hacks into your network and sets up a child porn server, using your compromised access point.

You return home to be put in jail for child porn.

If your network was open, you could claim you knew nothing about it.
If your network is "secure", it's harder to make that claim.

[desertgrandma]

Quote:

Originally Posted by rlauzon

So, you take proper precautions, "secure" your wireless network. Then you go off on vacation for a few days. In the meantime, a bad person pulls up in front of your house, parking on the public street. He hacks into your network and sets up a child porn server, using your compromised access point.

You return home to be put in jail for child porn.

If your network was open, you could claim you knew nothing about it.
If your network is "secure", it's harder to make that claim.

I guess this could happen.......but
Okaaaay........but wouldn't this hacker be looking for a unsecured network first? That would be way easier than hacking a secure network.
And realize I am less than knowledgeable about how all this works, but couldn't this 'child porn server' be traced back to its original source?

[Steven Lyle Jordan]

Quote:

Originally Posted by rlauzon

You return home to be put in jail for child porn.

If your network was open, you could claim you knew nothing about it.
If your network is "secure", it's harder to make that claim.

You could claim ignorance in either case, and it would probably have the same impact on the court.

But if your network was secured, you could claim that you did what you could to restrict such access, to a reasonable degree. You would probably not be held liable unless it could be demonstrated that you intentionally made the access code available to others, or failed to protect it adequately.

If you left it open, you could easily be held liable due to negligence (where ignorance is considered no excuse).

[Steven Lyle Jordan]

Quote:

Originally Posted by desertgrandma

I guess this could happen.......but
Okaaaay........but wouldn't this hacker be looking for a unsecured network first? That would be way easier than hacking a secure network.
And realize I am less than knowledgeable about how all this works, but couldn't this 'child porn server' be traced back to its original source?

Certainly, a crook looks for the easiest way in... but if he can't find one, and he wants in bad enough, he'll hit the harder points, too.

And a "child porn server" may not be accessible... for instance, if it resides in another country wherein its owners cannot be prosecuted or extradited.

[badgoodDeb]

Quote:

Originally Posted by pshrynk

I have no idea how to secure a router, but I think it may explain why my connections keep getting fropped. How do I do this thing?

I've had some probs getting WEP to work, since I had mixed computer flavors in the house (mac/pc). I opted for "allow in only these specified machine numbers" protection. Is there any reason this is a bad idea?

[Steven Lyle Jordan]

Quote:

Originally Posted by badgoodDeb

I've had some probs getting WEP to work, since I had mixed computer flavors in the house (mac/pc). I opted for "allow in only these specified machine numbers" protection. Is there any reason this is a bad idea?

I've heard it's a perfectly good idea. Although a MAC number can (I believe) be spoofed by another machine, trying to guess that number is almost as difficult as working out a good encrypted password.