RE: [fw-wiz] Interlopers on the WLAN

From: Cox, Michael (
Date: 11/06/02

From: "Cox, Michael" <>
Date: Wed Nov  6 11:58:01 2002

On a slightly different tack, and hopefully not too far off topic, what
saves the owners of the truly open WLAN's from liability if the access they
grant is used for nefarious purposes? With my ISP I have the chance to sign
an acceptable use agreement, but somehow I doubt that the pub hands these
out with the beer.


> -----Original Message-----
> From: Bill Royds []
> Sent: Tuesday, November 05, 2002 9:39 PM
> To: Frank O'Dwyer;
> Cc:
> Subject: RE: [fw-wiz] Interlopers on the WLAN
> Last weekend, I and other members of went to a
> local pub. When we arrived there there were little cards on
> each table that this pub has wireless Ethernet available.
> Nice pub touch since it was just a block from the Cognos head office.
> I think, that is the only real invitation to use a wireless LAN.
> Using one just because it is there is the same as going into
> someone's office and plugging into the RJ45 connection in the
> wall. It wouldn't make you too popular with the corporate
> LAN administration so why should connecting to open wireless
> mean anything different.
> -----Original Message-----
> From:
> []On Behalf Of Frank
> O'Dwyer
> Sent: Tue November 05 2002 18:29
> To:
> Cc:
> Subject: Re: [fw-wiz] Interlopers on the WLAN
> I think it ought to make a difference if an attempt has been made to
> secure the network. Otherwise you are expecting people to
> read your mind
> as to whether you intend the network to be private or not. For all its
> faults, WEP is at least a fairly large clue that the network
> is intended
> to be private.
> But if you haven't even turned WEP on, then who's to say whether your
> network is supposed to be for employees only, or an access hotspot for
> anyone who passes by. It's not like you left your door unlocked or
> something, it's more like you hung a big orange sign on your
> door saying
> "welcome!". The very fact that you're broadcasting the ESSID with no
> security measures whatsoever could be reasonably construed as a public
> invitation to connect.
> Similarly if you had a publicly accessible system which popped up
> "welcome to the foo system" and logged you straight in with
> no password,
> (rather than "this system is private property and
> unauthorised access is
> not permitted", followed by a login prompt) then you would
> (and should)
> have a tough time pressing charges against anyone who connected.
> Cheers,
> Frank
> On Tue, 2002-11-05 at 08:23, Philip J. Koenig wrote:
> > Please forgive if this has been covered before, I'm not reading the
> > group daily these days.
> >
> > Is it reasonable to assume that those who access WLANs without the
> > permission of the owner are violating the same cybercrime laws that
> > apply to any unauthorized access of a computer network?
> >
> > Some have recently argued this is not the case if someone doesn't
> > "enable the security features", but personally I don't see the
> > distinction between this kind of activity and anything normally
> > prohibited by laws such as California Penal Code section 502a and
> > various other cybercrime laws. It doesn't seem to me that the law
> > makes a distinction about whether the network in question
> was secured
> > or not. (what does 'secured' mean anyway?)
> >
> _______________________________________________
> firewall-wizards mailing list
> _______________________________________________
> firewall-wizards mailing list

Relevant Pages