Is Piggybacking Stealing?

tags: , ,

Recently, I have been following the stories of people who have been arrested for stealing internet access using their neighbor's wireless connections. For example, a man was recently arrested in London and another man in St Petersburg, Florida is now facing trial for using unsecured wifi signals.

These connections are usually open, meaning they are not protected with a password, although there are ways to circumvent WEP or WPA security. So, considering that a person can secure their wifi connection but chose not to do so, is it stealing to use someone else's unsecured connection? If you don't think this is stealing, do you think that using an open connection is unethical behavior? What about those people who pay for a wifi connection but share it with half a dozen neighbors? Is this cheating the internet provider out of their profits?

I also have a poll below the fold that you might be interested to answer.

What do you think of using someone else's open wifi connection?
It is stealing
It is not stealing, but it unethical
It is fine if you are just quickly checking an email
It is fine -- otherwise, the owner would have protected it
Don't know

  
pollcode.com free polls
Tags

More like this

So, considering that a person can secure their wifi connection but chose not to do so, is it stealing to use someone else's open connection?

If your neighbor can secure their bicycle, but chose not to do so, is it stealing to use their unsecured bicycle?

By Tegumai Bopsul… (not verified) on 23 Aug 2007 #permalink

but if you use the neighbor's bicycle, you are depriving that person of using it themselves. but you are not having that effect on them if you use their wifi. in fact, most people who have open wifi connections are not aware that you are using it at all!

I'd say it is not more stealing than looking at and appreciating a beautiful house.

Unethical only if you use it to download big files and somehow harm the quality of use for the owner of the connection.

Wifi should be universally and freely available to everyone everywhere.

@Tegumai, suppose the neighbor parks that bicycle on your driveway or in your living room?

By Matt Platte (not verified) on 23 Aug 2007 #permalink

It is no more stealing your neighbor's wifi than standing outside their window and reading a newspaper by their lamp is stealing their light.

Wonderful thing, electromagnetic waves. They travel.

I generally consider unsecured WiFi connections to be equivalent to the public areas of a mall or someone's doorstep. I take it as implied that I have permission to be there if I'm not doing something disruptive, but I am obligated to comply if asked to leave.

It is not even that the connection is not secured, it is actively advertised. If you can see your neighbor's network that network is doing the equivalent of shouting "Here I am come connect!" They do not even have to secure it, they just need to stop broadcasting the invitation to come in. If you don't want guests stop broadcasting the SSID inviting them in.

I agree with MattXIV, that is a good way to view it. But anyway, i guess downloading big files would be abuse... can we measure abusing in kbps?

Here's another way to look at the issue: people who don't secure their wifi should be thrown in jail for endangering the welfare of minors. After all, there's lots of porn on the internet, and any kid with a laptop can connect to an unprotected signal and download anything.

I am in the awkward position of being someone who has accidentally stolen a router because it was unsecured. I was attempting to fix my own WiFi router (which was unsecured up until this point) and I found myself logging into somebody else's router because they had configured their unsecured router with the same SSID. When I had it generate the passkey, it wound up locking the owner of the other router out entirely, and then I had to go back and properly secure my own router. I would have apologized and offered to help whichever neighbor had the issue, but I didn't have any way of figuring out just which person had this other unsecured network.

I don't think people realize how easy it is for someone to unintentionally do some sort of "hacker attack" on a completely unsecure network using standard commercially-available hardware. The ubiquitous LinkSys boxes all use similar software (and I'm sure that other companies have similar issues, but I don't have experience with them) and you are just asking for trouble if you don't use some sort of protection with these standard boxes. I didn't even realize that I had reconfigured somebody else's box until I noticed that my signal strength didn't increase when I neared my WiFi router.

...so if you do decide to leave a network open, you need to at least do something to make sure this sort of thing doesn't happen to you. Just moving the router's IP address from the default is all it would take.

I voted that it's not stealing.

However, I suspect that the reason most people don't secure it isn't so much because they have actively chosen not to, but because they have no clue.

Likewise, I suspect a lot of the "stealing" comes when people just use default nets and have no clue that they're using the neighbor's WIFI.

In any event, it's silly, silly, silly to consider this stealing.

Overusing the bandwidth of a neighbors wifi -- always downloading huge files -- is very rude. Rude in the same way that playing your stereo too loud is rude. But I really wouldn't consider it a crime. It's ethically dubious, much like playing your stereo so that it's loud enough to bug your neighbors is ethically dubious. But a crime? Sheesh, give me a break.

If your neighbor is listening to subscription satellite radio with his window open, and you listen to it with your window open, are you stealing? Well, the RIAA would probably say yes, but to borrow a term Lessig quoted in his book "Free Culture," I would say that "common sense revolts."

Alas, technology is scary and misunderstood to some people, so too many (including so many in lawmaking and law enforcement) have no basic understanding upon which to build what should be obvious common sense.

Of course, there's one other thing. You could use your neighbor's WiFI to download pirated music and get them sued by the RIAA... the real crime there is being committed by the RIAA, of course, but you are also guilty of framing your neighbor, and that is bad.

If the neighbor has put WEP on, don't use the hacks that are available. That would be like picking a lock.

Re: Tegumai @ #2 In fact, there are places where borrowing someone's bicycle, even from say, an unlocked shed, would be considered perfectly fair game as long as you returned it in good shape. Given that in the case of wifi, the use isn't even exclusive, I'd say the issue pretty much comes down to "social expectations". Those haven't been established yet, but my sympathies are mostly with the "free net" crowd -- not just because of the public goods, but also because of enforcability issues.

All that said, there really should be a simple, free, option for people to configure their wifi routers for at least three standard modes:

1) Open Network: Relays bits, allows owner to set a bandwidth cap for such use, does not provide authentication, does not allow remote reconfiguration of the router itself. Don't bet on a secure channel. May require registration and/or payment.

2) Closed Network: Provides secure connections for authenticated account-holders, owner controls the accounts. Adding accounts can optionally require access to the hardware (besides the passwords).

3) Locked Network: Access only for pre-authorized and authenticated nodes -- that is, device identifiers get checked, along with whatever else is needed to make sure you're talking to the specific devices comprising your own network.

These could be combined, of course. For example, in an airport, you might have a pool of routers that primarily form a locked network for the ticket desks, kiosks, security stations, etc. But they could also offer secured connections for airport staff, and surplus bandwidth as on open link to the public.

By David Harmon (not verified) on 24 Aug 2007 #permalink

It's not stealing from the neighbor. It's stealing from the company that's providing the service. If everybody uses somebody else's service - if only one in 10 pays - then the company will go bankrupt. I often end up on my neighbor's service, but since we're both paying the same provider I don't worry about it. If I weren't paying anyone, it would be different.

Now, ask me if wireless ought to be a government-provided service? Sure. But I'm a socialist...

but if you use the neighbor's bicycle, you are depriving that person of using it themselves. but you are not having that effect on them if you use their wifi.

Only if bandwidth is infinite, which is not generally the case.

By Tegumai Bopsul… (not verified) on 24 Aug 2007 #permalink

If you log on to someone else's connection and you take up bandwith you can slow down that person's use of the internet and that is at best a nuisance.

What if someone uses your internet connection to do illegal things, like send mass spam or steal someone else's personal info like credit card numbers?

It's not stealing. It's trespass. In Florida anyway the FDLE treats it like walking through somebody's house or office unbidden.

Matt commented that it is like being on somebody's front walk which is correct. What is not correct is that it is acceptable to sit on my front walk all day if you aren't what is known as an "invitee" which would basically be a friend.

The violation is the disruption of what is known as "quiet enjoyment" or the posession of potential access by the owner or his invitees.

Actual damage does not have to be proven. So theft and vandalism are not the issue. Put another way, an unlocked door doesn't mean you have permission to nap on my couch.

Finally, a note about kids who think they are security experts. Considering the above facts, you will notice that the legal guidelines are based on social norms. Misinterpreting social norms by walking through my house when the door is unlocked and claiming it is OK is disingenuous at best. By law, homeowners have the right to defend themselves.

The smart thing to do is educate the public on how to share access by posting a notice.

Just noticed this:

It is no more stealing your neighbor's wifi than standing outside their window and reading a newspaper by their lamp is stealing their light.

While correct, it misses the point that if you stand outside my window reading, I will call the cops and they will give you a warning and make sure you understand that it isn't OK to be on my premisis without permission. My right to have an unobstructed view and your uncomfortable social proximity are key factors.

Let's say I - an old, hairy, stinky, lecherous-appearing man - read your newspaper/laptop by placing my chin just above your shoulder so I can smell the fragrance of your hair while enjoying the news. Would you offer me a sip of your latte too? Puhleeze!

As has been discussed here before, windows, by default, will connect to the strongest available wireless router, without caring who it belongs to. You can re-configure it, but most people won't know of that option, or of any reason to need it. Nor will they know that in typical urban areas there often as many as 5 unsecured routers detectable from inside their home. All they will know is that their internet connection 'works' . Probably 1 American in 5 pays for their own internet connection, but unknowingly uses their neighbor's. I had a co-worker, who knew he used his neighbor's connection, but felt it was ok because he paid for his own connection too. Then one day he couldn't get online. Turned out his neighbor had moved away - and his internet service bill had been going unpaid for months.

I was the Construction Foreman/Engineer for our local cable company for many years and was often called to apartments or houses where customers found that someone had tapped into their cable connection and received free cable entertainment. This was a fair chunk of time ago before computers were used to keep check on customers and the system. In fact, computers as we know them today, where not around so everything was manually done.

According to Canadian Law, that is called theft of telecommunications and punishable under the law. Myself, I was of two minds on it.

First, the obvious, the next door neighbour had connected without the cable customers knowledge. This usually was only found out when a customer complained of signal problems.

Secondly there was a case or two where the neighbour knowingly hooked their friend (a single mother of two on welfare) to their connection by themselves. This in the misguided effort to aleviate the financial stress on the young mother. As I worked for the cable company I would have known how to do the connection without loss of signal strength to either house. This is easier to do in apartment buildings with adjacent neighbours.

While I must stress that I did not do that myself, it is a question I puzzled over.

The first case was a blatant case of Theft of Telecommunications but the second, while just as illegal, a person could justify their actions a bit.

Considering how trivially easy it is to secure a network, it's not unreasonable to assume that someone who fails to do so wants other people to use it. This could be because they're nice altruistic folk, or it could be because they're logging everything anyone else sends over their network, and keeping any interesting passwords and credit card numbers for their own use. The real question is, is _that_ stealing? :-)

I think it it stealing and wouldn't do it myself. On the other hand, I have not secured my own Linksys router signal with a password, for much the same reason that I don't lock the door of my house here in Vermont. I don't have anything I'm worried about being stolen, and I doubt anyone will try.

I'm weighing the unlikely event of being harmed by this lack of security against the much realer problem of forgetting or losing a password and being locked out of my own system.

By David Weinstock (not verified) on 25 Aug 2007 #permalink

I find Bob Calder's comment about trespass interesting. I don't agree with it (which I guess puts me at odds with Florida's FDLE as well).

A few points I have:
1. We have to actively choose not to use our neighbor's wifi. Wifi signals permeate our home and cause interference with our equipment. For open wifi systems, we have to program our equipment not to connect to their system. Many laptops are very passive and will connect to the strongest signal available. This is akin to having to close the blinds to filter out the neighbor's porch light.

2. It's not our fault. Almost every ISP I know has in their Terms of Service that it is ultimately the customer's responsibility in managing their equipment and controlling access thereof. Two dial-up ISPs I worked for would shut customers off if the customer had known malicious/virus activity and require the customer to fix their system before we would re-activate them. If an ISP was truly concerned, they would require their customers to not run an open wifi system and could suspend any account they found to be in violation.

3. The person running the open system is at fault. This combines #1 and #2. While an unlocked door or leaving keys in your car aren't invitations, broadcasting an SSID beyond your property and into others is sending an invitation. By it's very definition, an unencrypted wireless network is an "open" or "public" system. Unless the network owner puts the equivalent of a "private property" sign (encryption/mac filtering/captive portal/disable ssid), they are creating an open system for public consumption.

By John Hogenmiller (not verified) on 25 Aug 2007 #permalink

There are a few essential differences between traditional property and a wireless connection:

(0) Physical property boundaries are often indicated by walls. fences, curbs, edges of lawns, and so on. These indicators are sometimes imperfect, often a few feet from the real boundary line - but usually close enough to make it easy for a conscientious person to avoid trespass. In many areas, lack of clear boundaries can make trespass legally unenforceable.

But to the ordinary person, there is no obvious boundary around a wireless connection.

(1) Throughout all our lives, we are reminded of how to identify (although imperfectly) property boundaries, and to avoid crossing them when unnecessary. Few people reach adulthood without an ingrained habit of avoiding trespass.

But very few people are taught how to avoid 'piggybacking', or 'wireless trespass' as Bob might call it. Furthermore, the number who think there is nothing wrong with it are about as common and vocal as those who think it a problem.

Those who think 'piggybacking' is wrong (which presently include America's legal forces) have themselves a tremendous user education problem. Unfortunately for them, the internet industry is convinced it will see a serious decline in sales anytime the user is told to learn something. So in the form of advertising, they continuously bombard the users with the message they don't need to know anything in order to have wireless internet.
Can the Bobs of the world hope to win against the advertising industry's thundering advocacy of ignorance? So far, they are failing badly.

The numerous unintentional violations of the ignorant many make it impossible to take action against the majority of offenders. A tiny minority of offenders will distinguish themselves by being particularly egregious, others by some unrelated form of notoriety, and some for having violated other, more serious laws. It is that minority the law will be inclined to pursue - but often they will find the ignorant many unintentionally hamper their efforts.

You didn't have a choice for "stealing but not wrong" and that's what I think, although other commenters on this thread have made excellent points about how you could be stealing it without really realizing it, particularly if you have your own wireless connection (we found out that my work computer was stealing someone else's signal a few weeks ago. Shocking!)

I think the price of a DSL or cable internet connection is outrageous. Cable (where I've lived) has averaged around $45 a month. $45 fucking dollars a month for a service that probably doesn't even cost them half that to provide. It's a little like Elton John crying about how much music downloading has hurt his bank account. I can't feel too much pity for a man who has so much disposable income that he's taken to collecting expensive swear word jewelry (I saw it on VH1: he has a diamond ring that spells out "fuck" and cost like $500K or something crazy like that). And I don't feel too sorry for the poor, poor ISPs that can only afford to give their CEOs 6-digit bonuses instead of the 7-digit bonuses they would've gotten if only the welders and nurses of the world making $40K a year would stop their "stealing."

And, like music downloading, it's hard to see how they'll stop this behavior. It sounds like it's so common that they can't prosecute everyone, and so easy to do accidentally that it'll be hard to sort out the deliberate theft from the accidental.