Netstumbler's Legal note

If access to WiFi is acceptable and legal then why does Netstumbler have te
following on their website?

http://www.stumbler.net/readme/readme_0_4_0.html

"I am not a lawyer. However as a user of this software, you need to be aware
of the following.

In most places, it is illegal to use a network without permission from the
owner. The definition of "use" is not entirely clear, but it definitely
includes using someone else's internet connection or gathering information
about what is on the network. It may include getting an IP address via DHCP.
It may even include associating with the network.

The IP address reporting functionality in NetStumbler is for you to check
the settings of your own network, and for corporate users to identify rogue
access points operating within their organization. If you are doing neither
of these things, it is suggested that you disable TCP/IP on your wireless
adapter. This will help you to avoid possible legal trouble."

---

› See More: Netstumbler's Legal note

In article <[email protected]>,
"IMHO IIRC" <[email protected]> wrote:

> If access to WiFi is acceptable and legal then why does Netstumbler have te
> following on their website?
>
> http://www.stumbler.net/readme/readme_0_4_0.html
>
> "I am not a lawyer. However as a user of this software, you need to be aware
> of the following.
>
> In most places, it is illegal to use a network without permission from the
> owner. The definition of "use" is not entirely clear, but it definitely
> includes using someone else's internet connection or gathering information
> about what is on the network. It may include getting an IP address via DHCP.
> It may even include associating with the network.
>
> The IP address reporting functionality in NetStumbler is for you to check
> the settings of your own network, and for corporate users to identify rogue
> access points operating within their organization. If you are doing neither
> of these things, it is suggested that you disable TCP/IP on your wireless
> adapter. This will help you to avoid possible legal trouble."

You seem fond of acronyms.

Here's another: CYA

--
Alan Baker
Vancouver, British Columbia
"If you raise the ceiling four feet, move the fireplace from that wall
to that wall, you'll still only get the full stereophonic effect if you
sit in the bottom of that cupboard."

IMHO IIRC quotes:
> owner. The definition of "use" is not entirely clear, but it definitely
> includes using someone else's internet connection or gathering information

Ah, so "use" includes using. Yep, they definitely cleared that up.

--
Wes Groleau
"What you see and hear depends a good deal on where you are standing;
it also depends on what kind of person you are."
-- C.S.Lewis

In article <[email protected]>,
"IMHO IIRC" <[email protected]> wrote:

> If access to WiFi is acceptable and legal

Except it's not, at least there are circumstances where accessing a WiFi
network is neither acceptable or legal- wardriving, for which
NetStumbler is useful, to send spam or pornography for example.

On 2007-07-02, Tim McNamara <[email protected]> wrote:
> In article <[email protected]>,
> "IMHO IIRC" <[email protected]> wrote:
>
>> If access to WiFi is acceptable and legal
>
> Except it's not, at least there are circumstances where accessing a WiFi
> network is neither acceptable or legal- wardriving, for which
> NetStumbler is useful, to send spam or pornography for example.

Logically there ought to be a distinction between passive listening
to whatever 802.11 signals happen to be impinging on you, and actively
sending out frames with the intention that they get picked up and
acted on by an access point.

Even passive listening could be a problem legally, at least if you
attempt to decrypt encrypted traffic (DMCA) or copy information you
pick up that is covered by copyright for example.

But there are many networks open to public access, and if you need to
get on the Internet it seems quite reasonable to see if there is
such a network available. The only way to do that is to listen for
SSIDs and then try connecting to any that you find. Even though
that requires more than passive listening it ought to be perfectly
legal. If an access point hands you an IP address on a plate then I
would say that you could provisionally assume that it is intended
for public access. If it does not and you try to get one by spoofing
a MAC address or cracking encryption then you could be accused of
attempting to gain unauthorised access to a system or network and
it would be as well to know the relevent law.

Ian

--
Ian Gregory
http://www.zenatode.org.uk/ian/

"Wes Groleau" <[email protected]> wrote in message
news:uy_hi.3090$Of2.2743@trnddc06...
> IMHO IIRC quotes:
>> owner. The definition of "use" is not entirely clear, but it definitely
>> includes using someone else's internet connection or gathering
>> information
>
> Ah, so "use" includes using. Yep, they definitely cleared that up.

Maybe we need Clintons lawyer to give us their definition of "use".

In article <[email protected]>,
Ian Gregory <[email protected]> wrote:

> On 2007-07-02, Tim McNamara <[email protected]> wrote:
> > In article <[email protected]>,
> > "IMHO IIRC" <[email protected]> wrote:
> >
> >> If access to WiFi is acceptable and legal
> >
> > Except it's not, at least there are circumstances where accessing a
> > WiFi network is neither acceptable or legal- wardriving, for which
> > NetStumbler is useful, to send spam or pornography for example.
>
> Logically there ought to be a distinction between passive listening
> to whatever 802.11 signals happen to be impinging on you, and
> actively sending out frames with the intention that they get picked
> up and acted on by an access point.
>
> Even passive listening could be a problem legally, at least if you
> attempt to decrypt encrypted traffic (DMCA) or copy information you
> pick up that is covered by copyright for example.
>
> But there are many networks open to public access, and if you need to
> get on the Internet it seems quite reasonable to see if there is such
> a network available. The only way to do that is to listen for SSIDs
> and then try connecting to any that you find. Even though that
> requires more than passive listening it ought to be perfectly legal.
> If an access point hands you an IP address on a plate then I would
> say that you could provisionally assume that it is intended for
> public access.

Exactly. An open network broadcasting an SSID is basically sending out
an invitation: "I'll give you an IP address if you ask." The fact that
the person whose network it is might be too clueless to realize this is
irrelevant.

Consider again the case of physical trespass. Imagine that a property
has signs on it saying "All are welcome." Is entering that property
illegal because the signs might have been put up by a previous owner,
and the current one might be an illiterate who is unaware of what they
say?

> If it does not and you try to get one by spoofing a MAC address or
> cracking encryption then you could be accused of attempting to gain
> unauthorised access to a system or network and it would be as well to
> know the relevent law.

--
"That's George Washington, the first president, of course. The interesting thing
about him is that I read three--three or four books about him last year. Isn't
that interesting?"
- George W. Bush to reporter Kai Diekmann, May 5, 2006

ZnU wrote:

> Consider again the case of physical trespass. Imagine that a property
> has signs on it saying "All are welcome." Is entering that property
> illegal because the signs might have been put up by a previous owner,
> and the current one might be an illiterate who is unaware of what they
> say?

Does that also apply to "Kick Me" signs affixed to someone's back?

:-)

Not that I disagree with your analysis of open wireless networks...

IMHO IIRC wrote:
> If access to WiFi is acceptable and legal then why does Netstumbler have te
> following on their website?
>
> http://www.stumbler.net/readme/readme_0_4_0.html
>
> "I am not a lawyer. However as a user of this software, you need to be aware
> of the following.

Ever considered asking your lawyer instead of asking a bunch of folks on
usenet? Which one do you think is more credible (or easier to strangle
in case we're wrong? I can give you a hint, its not me.)

> In most places, it is illegal to use a network without permission from the
> owner. The definition of "use" is not entirely clear, but it definitely
> includes using someone else's internet connection or gathering information
> about what is on the network. It may include getting an IP address via DHCP.
> It may even include associating with the network.

Netstumbler, under normal circumstances, doesn't grant you access to
someone's network. I've always had to close netstumbler and use XP WZC
to connect to a network found with netstumbler. Netstumbler merely
sending out SSID/ESSID requests to whatever 802.11 channel its using at
that moment. It waits so long (couple hundred ms) and hops to the next
channel and does the same. You're dealing with an extremely well
publically documented protocol, and doing very standard scan requests
within the parameters of the protocol, so I'd consider it a very ****ed
up state of affairs if this were to be considered "illegal" (which its not)

If this is illegal, then *EVERY* copy of Microsoft Windows XP and Vista
are cracking applications. The "Wireless Zero Configuration" program
built into every single copy of XP and Vista do *everything* netstumbler
does, it simply doesn't display the information. Hell, so do those
little 'configuration' apps that ship with just about every single
wireless device out there. Lets not forget Apple's worthless OS's
wireless searching application, too!

****, all those Wifi-equipped PDAs at the cellphone store... ****...
they're all illegal too in your world.

> The IP address reporting functionality in NetStumbler is for you to check
> the settings of your own network, and for corporate users to identify rogue
> access points operating within their organization. If you are doing neither
> of these things, it is suggested that you disable TCP/IP on your wireless
> adapter. This will help you to avoid possible legal trouble."

Theres no legal problem with that unless you're sending terroristic
threats, downloading/uploading kiddie porn, or some other illegal
activity on the Internet. Local laws vary from place to place, and may
get pulled out on you. Ultimately for data in the ISM band, its the
station owner's responsibility to encrypt/secure their network.

Considering my friend's patched-up-to-current Windows 2000 running
laptop got *owned* in a measly 2 minutes on a motel's wireless network,
I'd *HIGHLY* suggest not randomly connecting to networks with no
protection, without a steel belted condom (ie - disabling tcp/ip, good
firewall, etc) or concrete genitalia (Linux, *BSD)

Personally, I think netstumbler is a mostly worthless pile of noisy poop
that doesn't detect half the crap out there. I've personally had
considerably better luck passive scanning with Kismet under Linux using
an Atheros adapter. Passive scanning is protected by the long standing
rules, and should not be considered a wiretap unless you're actually
*logging* the data. This would fall under the same rules that allow
passive radio scanning/receiving devices to be sold without license, but
there is no unconditional right to recording/reproducing commercial
broadcast transmissions.

Cracking encryption (I don't care if its WEP56, its still encrypted -
afaik neither netstumbler or kismet do any cracking), destroying
people's data, etc. Thats all illegal no matter how you enter the
network. Improper use of private data acquired by any means including
wiretap or network access is frowned upon.

What it comes down to is its all about intent. Trying to hide basic
tools like netstumbler or kismet from the average techie will not slow
down the spammers/hackers, it'll just leave the techies unclued. A
person has to know exploits exist before they can be patched, you know :P

On 2007-07-03, James Glidewell <[email protected]> wrote:
> ZnU wrote:
>
>> Consider again the case of physical trespass. Imagine that a property
>> has signs on it saying "All are welcome." Is entering that property
>> illegal because the signs might have been put up by a previous owner,
>> and the current one might be an illiterate who is unaware of what they
>> say?
>
> Does that also apply to "Kick Me" signs affixed to someone's back?
>

if they affixed the "kick me" sign on their own backs, then yes