[ISN] FC: More on FBI advisory on 802.11-spotting "wardriving"

From: InfoSec News (isnat_private)
Date: Thu Aug 15 2002 - 23:17:43 PDT

  • Next message: InfoSec News: "[ISN] Security In Converged Networks"

    ---------- Forwarded message ----------
    Date: Wed, 14 Aug 2002 01:00:01 -0400
    From: Declan McCullagh <declanat_private>
    To: politechat_private
    Subject: FC: More on FBI advisory on 802.11-spotting "wardriving"
    
    I heard back from the FBI's Bill Shore, who wrote the advisory 
    (http://www.politechbot.com/p-03884.html). He said that "Theft of services 
    is not a federal violation per se. Check my comments a little more 
    closely." Perhaps he means that it could be a violation of state law? (A 
    quick skim of state laws shows that they often use language like accessing 
    a resource to which you're not "entitled.")
    
    See also Pennsylvania criminal law 
    (http://members.aol.com/StatutesP7/18PA910.html). A quick read suggests 
    that it bans the possession of a "telecommunication device" that can 
    receive or transmit in any manner, including on a wireless network, 
    "without the consent of the telecommunication service provider." Any 
    criminal lawyers want to think this through? (The definition includes 
    computer software, BTW.)
    
    Bill also said that his message forwarded to Politech was "just a release I 
    made to the Pittsburgh InfraGard Chapter, so it is not really an FBI 
    Warning, advisory, or anything like that from NIPC. I just thought it would 
    be relevant and interesting to our local chapter."
    
    Also, from a few weeks ago:
    
    "Notes on federal indictment for 'war dialing' offense"
    http://www.politechbot.com/p-03827.html
    
    -Declan
    
    ---
    
    Date: Tue, 13 Aug 2002 13:54:36 -0500 (CDT)
    From: "Robert A. Hayden" <rhaydenat_private>
    To: Declan McCullagh <declanat_private>
    Subject: Re: FC: FBI releases advisory about 802.11-spotting "wardriving"
    
    The only concern about this is that this is a case of using a hammer
    (federal law) to solve a problem that could be fixed with a tiny
    screwdriver (ie, enabling even minimal security on the access point).
    
    Of course, given the state of things this past year, this is hardly
    surprising.
    
    ---
    
    Date: Tue, 13 Aug 2002 14:07:13 -0700
    From: Tim Pozar <pozarat_private>
    To: billshoreat_private, declanat_private
    Subject: Re: FC: FBI releases advisory about 802.11-spotting "wardriving"
    
    Always our (BAWUG) and Peter Shipley's claim too.  If you sniff the
    ether and identify a network being out there that is one thing.  If
    you start to use the network then you are stealing service.  This
    comes to one of the problems we are trying to work out.  When is
    an unencrypted AP an "open-AP"?  Can you just have "OPEN_AP" as an
    SSID?
    
    Tim
    
    ---
    
    Date: Tue, 13 Aug 2002 20:13:33 -0600
    To: Declan McCullagh <declanat_private>
    From: "Richard Johnson" <rdumpat_private>
    Subject: Re: FC: FBI releases advisory about 802.11-spotting "wardriving"
    Cc: rdumpat_private, billshoreat_private
    Content-Type: text/plain; charset="us-ascii"
    
    At 15:18 -0400 on 13/08/2002, Declan McCullagh wrote:
     > This letter is from last month but we haven't covered it on Politech
     > before. Read it carefully: The FBI claims that using an open 802.11
     > access point without explicit authorization may be a federal crime
     > ("theft of services").
    
    
    I dusted off and updated my reasonability and open wireless access page
    using Agent Shore's letter to focus it.  Good inspiration, that letter. :-)
    Link is below.
    
    
    Richard
    
    -------
    
    Reasonability and Open Wireless Network Access
    
    13 August 2002
    
    Recently, Declan McCullagh's Politech list brought to my attention a letter
    from Special Agent Bill Shore (local copy with clickable URLs),
    FBI-Pittsburgh. In the letter, Agent Shore references some information from
    CERT regarding restricting access to wireless networks intended to be
    private. However, he also states that there may be criminal violations
    occuring if an open wireless network is actually used, rather than just
    having its beacon noted in passing. I believe that is a troubling, even
    dangerous, misinterpretation. It ignores the intent behind open wireless
    networking, and fails the test of reasonableness.
    
    I feel Agent Shore's letter deserves an answer from someone whose hobby and
    job both involve providing open and securely private 802.11b wireless
    access. ...
    
    http://www.river.com/users/rdump/community-wireless/reasonability.html
    
    ---
    
    From: Xxxxx Xxxxxxx <xxxxxat_private>
    To: "'declanat_private'" <declanat_private>
    Subject: RE: FBI releases advisory about 802.11-spotting "wardriving"
    Date: Tue, 13 Aug 2002 17:39:06 -0400
    
    Declan,
    
    Please dont post my name but I didnt gather this from the document at 
    all.  It is simply stating that there are people driving around 
    "WarChalking" available wireless networks.  The document goes on to 
    describe that "WarDriving" is not illegal but accessing their system after 
    discovering it _may be_.
    
    This all seems pretty straight forward to me.
    
    QUOTE: "Identifying the presence of a wireless network may not be a
    criminal violation, however, there may be criminal violations if the
    network is actually accessed including theft of services, interception
    of communications, misuse of computing resources, up to and including
    violations of the Federal Computer Fraud and Abuse Statute, Theft of
    Trade Secrets, and other federal violations."
    
    This is pretty straight forward, saying that after a network is disocvered, 
    if someone actually uses it, they may be breaking a law.  This is true on 
    one hand, but on the other, people should not be nailing up wireless 
    networks that are not properly secured using VPN's.  Note: WEP is breakable 
    very quickly with a package known as Air-Snort.
    
    Thanks,
    
    
    ---
    
    Date: Tue, 13 Aug 2002 18:38:59 -0400 (EDT)
    From: rjhat_private
    Reply-To: rjhat_private
    Subject: Re: FC: FBI releases advisory about 802.11-spotting "wardriving"
    To: declanat_private
    cc: politechat_private, billshoreat_private
    
    On 13 Aug, Declan McCullagh wrote:
     > This letter is from last month but we haven't covered it on Politech
     > before. Read it carefully: The FBI claims that using an open 802.11
     > access point without explicit authorization may be a federal crime
     > ("theft of services").
     >
    
    Will they do the same for unauthorized use of my DSL link to send spam?
    What if I add an 802.11 link?  It would be well worth the extra cost if
    that made spam a federal crime.
    
    More seriously, I think they are right as long as you take a reasonable
    view of authorization.  I know that I have one relative who thinks
    public use of his wireless LAN is perfectly OK.  I have another who is
    scrupulous about using 128-bit WEP, regular password changing,
    authorized MAC addresses only and encrypted applications.  As long as
    law enforcement respected both their different attitudes I would have no
    problem with considering unauthorized use a crime.
    
    R Horn
    
    ---
    
    Date: Tue, 13 Aug 2002 20:24:28 -0700 (PDT)
    From: Eric Johanson <ericjat_private>
    To: Declan McCullagh <declanat_private>
    Cc: Todd Boyle <tboyleat_private>,
        "Christopher K. Neitzert" <chrisat_private>, <billshoreat_private>
    Subject: Re: [BAWUG] FC: FBI releases advisory about 802.11-spotting
      "wardriving" (fwd)
    
    Bah, this Bill Shore fellow is just alarmist, and is making up his own
    laws.
    
    It looks like a typical scare tactic by some feeb underling looking for
    press.  It was, however, good that he pointed out that folks should secure
    their networks.
    
    
    Here is some background:
    
    An OPEN access point with no WEP functions as follows:
    
    The AP will beacon it's ESSID, many times a second. (shouting out: I'm
    right here!)
    
    If I open my notebook, it sends a 'anybody out there' request on the
    airwaves.
    
    The AP responds, and sends the ESSID (network name) to the client
    
    The client sends a association request
    
    The AP responds with an ACK
    
    The client asks for an IP address
    
    The AP responds back with an IP, dns servers, and a GATEWAY ADDRESS TO THE
    INTERNET.
    
    
    
    If you ask me, that's clearly an invitation.  It's not trespass if you
    get invited in.   While he is correct in pointing out that 'stealing data
    is unlawful', it's worded in a vague sense..  But using an internet
    service that was offered to you is not 'stealing data'.  If I then hacked
    into their computer system, or otherwise broke the law while using this
    internet connection, then it's unlawful.
    
    It really is just as simple as 'locking the door'.  While WEP is proven to
    have security issues, so does the deadbolt on my front door.  Somebody
    could break in, but it makes it VERY clear that you are not welcome.
    
    -Eric
    
    ---
    
    
    
    
    -------------------------------------------------------------------------
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    -------------------------------------------------------------------------
    Like Politech? Make a donation here: http://www.politechbot.com/donate/
    Recent CNET News.com articles: http://news.search.com/search?q=declan
    CNET Radio 9:40 am ET weekdays: http://cnet.com/broadband/0-7227152.html
    -------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Fri Aug 16 2002 - 02:28:12 PDT