Wireless, Security, and Liability

Tim Lee

The Houston Chronicle’s TechBlog has a post this morning accusing me of taking security issues to lightly in my wireless piggybacking op-ed:

Reading Lee’s bio at the Technology Liberation Front, where he is a contributor, you can tell that he knows better. He’s a former systems administrator and savvy in the ways of Mac, Unix and Perl. I think his skimming over the security issue is disingenuous.

If he’s been paying attention, he knows that illegal music and movie sharing is rampant, and that the recording and film industries are coming after those who do it frequently. He also knows that these trade associations’ lawyers hunt down their prey via IP address, and that a “friendly neighbor” with a thirst for illegal music and movies can bring unwanted legal attention to the owner of an open WiFi network.

And that’s just the most minor of crimes that can be committed over a WiFi network. Granted, the chance that a kiddie porn addict or someone trying to hack the Pentagon will use your open bandwidth is slim–but do you even want to take that chance?

This is an interesting point, and is actually a different security issue than the one I had in mind when I pooh-poohed the security risks of open WiFi. I had in mind the worry that someone would log into your wireless network and hack into your computer or eavesdrop on your network traffic.

But what he’s talking about isn’t really a security issue at all, it’s a liability issue. And it is a real risk. If somebody does something bad with your Internet connection–shares copyrighted songs, trades child pornography, or sends a death threat to the president–there’s a chance you could get sued, or even arrested.

However, the odds of that happening is pretty small. And if it does happen, you’re not likely to be convicted. It is, after all, a case of mistaken identity–it’s not a crime to have someone use your network for lawbreaking without your consent. It’s likely that if you get a call from the RIAA or the FBI about illegal activity on your network, they’ll be willing to let you off the hook if you help them catch the culprit.

The other possible argument is that by leaving your network open, you’re making it easier for people to get away with doing illegal things. But there are millions of networks connected to the Internet. You’re never going to close all of them. So closing your network will simply caues criminals to move on to the next one.

Update: Mike at TechDirt chimes in to say that opening up your WiFi network qualifies you as an ISP under the Communications Decency Act, under which you’re not liable if someone does something illegal via your network.

March 20, 2006 | Comments |

Viewing 12 Comments

MikeT 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Tim,

Since the average router doesn't keep any logs, you're going to be hard-pressed to prove that it wasn't you. I have to disagree with you on this one. It's like leaving your house open so that a stranger can come in and sleep on your living room sofa. They might be honest, but they very well might rob you blind. The fact is, the average person cannot prove that it wasn't them, and the RIAA has been known to go after people who claimed ignorance.

http://www.blindmindseye.com

Tor 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

There's a simple technical solution to the liability problem: route all traffic from your neighbors through TOR (http://tor.eff.org/). Liability approaches 0.

Jon Gales 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

MikeT, the way the US legal system works the burden of proof is on the accuser. It's up to me to prove that it was you. If anyone within a 250ft radius of an area could have done something and you have no more information, you simply can't go after whoever owns the property at the center of the circle.

http://www.mobiletracker.net

Aaron Brazell 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

...And if the FCC thinks that you're an ISP, you better cough up the $230 application fee.
http://wireless.fcc.gov/feesforms/feeguide/serv...

http://www.technosailor.com

MikeT 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Jon,

I know all about innocent until proven guilty, but the activity from your router is probably going to look like you did it, until you can bring in enough evidence to prove that it didn't have to be you who did the dirty deed. It's about saving a lot of stress.

http://www.blindmindseye.com

Ed Felten 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

In a civil suit, the standard of proof is preponderance of the evidence. If it is known for certain that some bad act was committed via your WiFi, a plaintiff only has to prove that it is more likely than not that you were the person who did it. They can brush off your argument that it might have been an outsider by saying, "Maybe, but probably not."

http://www.freedom-to-tinker.com

skeptical 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Tim, in your op-ed piece you say the problem can be solved easily by WiFi network owners simply restricting access by strangers with a password. Should people be allowed to hack through those passwords or not?

Tim 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Skeptical: of course not.

http://www.techliberation.com/

skeptical 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

OK, but as practical matter, it is possible for people to hack through password security like those protecting WiFi networks, right? How should we keep them from doing it?

Deron s 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

If people looked ahead when building or renovating their facilities, homes etc they could cost effectively secure signals from leaving or entering the structure. So for future reference the legal issue would no longer exist. Open networks, encryption simply create opportunity good and bad.

VovkaBobSS 1 year ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Mej

We are happy girls!

Ce mai faceti?
Canopy Tarp Bad Credit Mortgage Canada Belly Button Community Type Agent Estate Florida Real Banker Maryland Mortgage
Bad Credit Louisiana Mortgage
Jeep Sale Carpentry And Building Construction
Pleasanton California Real Estate Agent
Vastomazonok

http://bvf67.iespana.es

tramadol 1 year ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

81e31de21f46 Very good tramadol tramadol

http://www.abc-acupuncture.com/baxqorav

Wireless, Security, and Liability

Viewing 12 Comments

Trackbacks

Welcome

Archives

Search

Polls

Categories

Contributors

Tech Policy

Tech News

Bloggers We Like

Our Sites

Where We Work

Sponsors