Sunday, February 26, 2006

SURFING ON BORROWED TIME

During the recent snowstorm that blanketed the northeastern United States, I found myself stuck at Chicago's O'Hare Airport. A fellow strandee was busily tapping into his e-mail, downloading files from the Internet and generally having a grand old time with his laptop computer. He told me that O'Hare had allowed him to pay $6.95 for the day to log onto its wireless network, allowing him to stay connected while in the airport.

Increasingly coffee shops, restaurants and other establishments are also offering wi-fi access on a pay-as-you-go basis. Some communities even have set up free wi-fi-access areas for their residents.

But what happens when, for example, you find that a neighbor has set up a wi-fi connection for her own use or a college has set up one for its students, but they've failed to secure it from other users logging in?

Recently several readers have written to ask me if it's OK for them to use an unsecured wi-fi access point to connect to the Internet if they haven't been granted formal permission to do so.

One reader in Fullerton, Calif., writes that his hometown offers free access, only asking residents to answer a few questions online and to provide their e-mail addresses. But what about other communities that don't ask for any information and "let you in without restriction?"

Another reader, from Columbus, Ohio, visited his mother recently. She had only a very slow dial-up Internet access, but the son found that one of her neighbors had a high-speed wireless connection.

"I find it quite easy to log in and gain Internet access," he writes."As I see it, I am not really stealing anything. As long as I am limiting my use to standard e-mail or Web access, I am not using enough bandwidth to degrade her own Internet activity, so no harm done, right?"

Most institutions or individuals who establish wireless Internet connections know how to set them up so that a login and password are required for access. If they decide not to do this, then the connection is open for anyone in range to use.

While I suppose that an argument could be made that you should never use what you don't pay for, I don't believe that this would apply here -- and I'm not even sure that I agree with the broad sentiment. Unless it is made clear to users tapping into wireless connections that they must agree to certain conditions before proceeding, they have not breached any ethical mandate by logging on in any way that they legally can.

The right thing would be for those who set up wireless connections and want to keep them private to take the time to do so. If you're a piggybacking user and can identify the individual to whom the connection belongs, it would be courteous but not essential to let that person know that you and presumably others are able to enjoy their wireless largesse.

But the responsibility for deciding whether others should be able to tap into a given access belongs squarely on the shoulders of whoever is setting up the original connection.

8 comments:

Anonymous said...

I agree. The onus is on the network access provider to establish security. It is not the user's responsibility to inquire about an open access network to the Internet before using it. A user finding an open network may transfer ANY size file, not just ones requiring little bandwidth. Of course, if too many people transfer large files and slow down the system the owner may later choose to limit access.

Providers and users of such open systems are subjecting themselves to higher security risks. A more challenging ethical question: Is it ethical to grab files from another user's computer on the open network? In my opinion, no. Most computer users are not sophisticated enough to properly secure their computers to protect themselves against security threats. Other wireless network users should ethically ask if they can read or copy files from another user's computer before doing so. Even if they are able to do so without hacking techniques.

The difference between these two cases is potential harm. In the first case, users may experience slower Internet speeds but cannot be harmed by the result. In the second case, a wireless access user may be severely harmed by having the security of his or her computer breached.

Anonymous said...

WHAT DID WE DO BEORE INTERNET???? I think everyone has gone absolutely crazy and self centered! It seems we have no patience and NO REGARD for the property of others. If you are where you can not log on, then so be it! If there is no life or death situation, then open a book and READ!!!!!!! Get a grip!

Anonymous said...

I'll post what I wrote Mr. Seglin (slighly modified):

I read the article on using a neighbor’s connection with horror and dismay. I’ll use the analogy I use with so many others: if your gate was open and the pool wasn’t being used, would it still be ok for me to just come on over? If the keys were in your car, I could drive away without concern on your part? Using your phone line to call phone sex operators is just ducky?

Why is the notion that using something that someone else pays for NOT OK if the object is tangible and somehow ‘alright’ if it’s ethereal? In any of the examples I cited, people would be up in arms, declaring trespassing, theft and potential liability for the use of their belongings / services. No one would consider the automobile example and condone driving off in your neighbor's car by saying "it's ok since they should've locked the door".... In the case of unsecured wi-fi however, that same type of larcenous thinking seems to be ok.

Stealing wi-fi, a supposedly benign activity, allowable because someone was lax on security, isn’t without true penalties for the unsuspecting victim. You forget that ISPs are now closely monitoring downloads and aggressively applying caps / disconnecting customers if they go over their limit, a real danger when the leeching you endorse takes place. Homeland Security, ISPs and other law enforcement agencies are actively tracking the online activities of people who visit porn / pedophelia / terrorist related sites. Officials go after the account holder for these activities, so the victim could be jailed over a poacher’s predilections. And how about the RIAA, which has made a habit of suing just about any one who’s got music on their machine? Ms. Santangelo’s legal battle with the RIAA should be sobering in that regard, since as they can’t actually prove she did anything, yet she’s in court defending herself.

Most assuredly, all are arguments for the victim to be proactive on their security.

But finally, I come down to the notion that you don’t take what you haven’t paid for. My parents called that stealing.

What did yours call it?

Anonymous said...

Maybe it is OK, or maybe it's not. But nothing in your article gives any reasoning that actually points one way or another, based on the nature of the actions. The article contains only conclusions, not a process of reasoning leading to them. Because of the lack of reasoning from premises to a conclusion, the article's language is far too broad. It fits just as well the following two cases:

"If [a neighbor] decides not to [put up a fence], then the[ir yard] is open for anyone in range to use.

. . . Unless it is made clear to [people walking by] that they must agree to certain conditions before proceeding [across the unfenced yard], they have not breached any ethical mandate by [using the yard as a public pathway].

The right thing would be for those who [have yards] and want to keep them private to take the time to do so [by putting up fences]. If you're [taking a shortcut across the yard] and can identify the [yard's owner, not just a renter], it would be courteous but not essential to let that person know that you and presumably others are able to enjoy their [fence-rejecting] largesse.

But the responsibility for deciding whether others should be able to [cross the yard] belongs squarely on the shoulders of whoever [could fence it]."

or

"If [a neighbor] decides not to [lock their door], then the[ir house] is open for anyone [who walks up] to use.

. . . Unless it is made clear to [people coming to the door] that they must agree to certain conditions before proceeding [into the house], they have not breached any ethical mandate by [entering the house].

The right thing would be for those who [have dwellings] and want to keep them private to take the time to do so [by locking their doors]. If you [enter an unlocked door]] and can identify the [dwelling's owner, not just a renter], it would be courteous but not essential to let that person know that you and presumably others are able to enjoy their [unlocked dwelling] largesse.

But the responsibility for deciding whether others should be able to [enter the house] belongs squarely on the shoulders of whoever [could lock the door]."

There may be differences between not locking a door and not locking use of a radio channel. But nothing in this article starts with the premise of such differences to justify different conclusions in the two otherwise analogous situations.

Anonymous said...

While I agree that piggybacking on an open wireless connection for access to the Internet at large is acceptable, just because it is open does NOT give one the right to attack or otherwise explore the systems that are on that network. To expand on the fenced yard analogy of another poster, I find it acceptable to cut through a neighbor's yard, but it would be not right to damage things, or take things that are in that yard. An open wireless connection does not give you the right to attach to computers in your neighbor's house, dig through their financial data, etc.

Jeffrey L. Seglin said...

There appears to be a discussion of this topic and a reference to The Right Thing column at:

http://arstechnica.com/news.ars/post/20060227-6272.html

Click on "Discuss" at the end of the story at this site to reader more response to the issue.

Jeffrey L. Seglin said...

A couple of more discussion threads with arguments on both sides of the issue:

http://www.techdirt.com/articles/20060227/014237
_F.shtml

and

http://www.dslreports.com/shownews/72363

Anonymous said...

There's another new thread at http://www.emptorium.com/2006/03/09/other-peoples-wifi-is-it-ethical/