On Fri, Mar 14, 2008 at 11:15 AM, SJS <[EMAIL PROTECTED]> wrote: > begin quoting Robert Donovan as of Fri, Mar 14, 2008 at 02:35:41AM -0700: > > On Fri, Mar 14, 2008 at 2:00 AM, Tracy R Reed <[EMAIL PROTECTED]> wrote: > > > Andrew Lentvorski wrote: > > > > The assumption here is that the person with the open AP has an > > > > "unlimited" bandwidth plan. > > > > > > It seems like we are trying unusually hard to excuse the ignorance of > > > those who would pay for bandwidth by the byte yet leave an access point > > > open. Normally the kplug crowd comes down pretty mercilessly on > > > ignorance. Why the change of heart? > > > > It's not about coming down hard on ignorance. The people in the kplug > > crowd also are the first to rail against exploitation for personal > > gain against people who can't fight back. > > Good point. > > > Coming down on those who are > > ignorant with the object of educating them is one thing. Coming down > > hard on those who are content to remain ignorant after having been > > informed might also be acceptable, but taking advantage of someone > > just because people happen to be ignorant of a vulnerability is the > > very kind of exploitation that I hear people railing against on this > > list all the time. > > Is it really exploitation?
My original post was in response to being considerate of others, so, perhaps, inconsiderate, as in failing to consider all possibilites regarding the other person, is the better term. > The problem is that we have three categories of use here -- the person > who gets on to an open wireless network, checks a few things, and then > quits; the person who spends a moderate amount of time and bandwidth > on open wireless networks for extended periods of time; and finally, a > person who saturates the wireless network with their own traffic, > rendering it unusable to anyone else. As I am getting uncomfortable with the tone of dictating morals to others I seem to have adopted, I'll respond in the first person rather than the third. I was raised to think in terms of avoiding the potential for causing harm or offense to others without good cause if I could, wether or not they were ignorant of the fact, didn't care, or knew darn well I was doing it. To intentionally do that was reprehensible, as I think most would agree. To do so unwittingly and unintentionally was to be avoided whenever reasonable action could be taken to do so. In the case of using an open AP it could well be that the person running it doesn't mind others using it, or he may be ignorant of the fact that his AP is open, or he could mean it to be private and be idiotically standing on principle that it's his AP, and you shouldn't be using it, while making no effort to secure it. In regard to this last, I am the first to agree that this is stupid, because it proceeds from the obviously flawed premise that everyone will respect his AP because he does. Whatever the case, as grandma always said, it's not about other person's intent or actions, it's about yours. Just because my actions don't happen to cause harm or offense in a given instance doesn't necessarily mean that I haven't acted harmfully or offensively. Since I can't always know, and may not be able to ascertain, which category of AP owner I'm dealing with. But it could be that they don't want me to use their AP without, at least, asking first. I was raised to try, within reason, to err on the side of caution and not connect in cases in which a simple act of self control would avoid the possibility of causing harm. That doesn't I've always been the best example of that, but better to try for that than to assume everyone is offering their stuff for public use and wind up accidentally hurting or offending someone. Does that mean I'd condemn you if you did something so minor as to use somebody's AP sans consent? Of course not. That's where the matter of degree comes in. In cases where extraordinary action not commensurate with the degree of the offense I'd be committing is required in order to err on the side of caution, as in a laptop you can't control automatically logs on to the first available wirelsss signal indiscriminately, or a case where you might suffer physical harm or financial ruin if you didn't get to the Internet, especially if your use had little to no impact on the APs capacity, that's a case of no harm, no foul as I see it. The point is, the effort should be made, if you can in situations where apparently shared resources are not expressly intended for common use. If you think that's naive, or pollyanna, or whatever, so be it. > No harm, no foul. If packets aren't stomping on each other, and we > aren't seeing a lot of retransmits or timeouts, it's shouldn't be an > issue. (But that's just general network good behavior anyway.) Again whether or not I caused actual harm is not necessarily my primary consideration. If I glom somebody's Internet via an open AP and they don't want other people to do that, I've committed an offense, whether it caused harm, offense, annoyance, whatever. By the way, I thought the statement no harm, no foul meant not that you've comitted no offense, but that the offense you committed will not be counted against you. The goal is to avoid the offense in the first place if you can. > > Perhaps it's not on as grand a scale as some of > > those conversations, but the principle is the same. Call me > > Why? See above. > You haven't yet dealt with the possibility that it might be an open > network, for use by all, free of charge. See above > If I build a road on my property, so that it looks like a public road, > and then people *use* it as a public road, what cause do I have to be > upset? If I object to people using my private road as a public road, > but take no action to distinguish it from a public road, it doesn't > make those people using my road _wrong_ or _bad_. If the road can't be distinguished from a public road, then I've have done nothing wrong by using it, because I might reasonably have thought it was a public road. However, if I'm driving on the road and see a sign one day that this is a private road, and there exists an alternate route that is not significantly more trouble to take, I have an obligation to respect that persons private property and not use the road. If the road has been left indistinguishable from a public road for a long enough time, there is no other obvous route, and it would do me and others great harm to have that road closed to through traffic(not usually the case with an open AP, but it's possible), this may be considered an easement, in which case I may have some rights to use of that road. Again, it's a matter of degree. > > old-fashioned if you want to, but the fact that someone is not aware > > of a vulnerability, or doesn't understand it, doesn't grant anybody > > else some special right to take advantage of them just because they > > can. I realize this is done all the time, but that doesn't make it > > right or something to be strived for. > > Is it a vulnerability, when it looks like a feature that others provide? See the road analogy above > Note that we're not talking about cracking the WAP security, we're > talking about (reasonable) use of an open wireless network, in a world > where a lot of people get a kick out of providing free network access. > > This isn't equivalent to tying into someone's _wired_ network, after > all. No, but I would still call it inconsiderate to do so without making some attempt to get permission first, if that were possible. > I agree that taking advantage of the unfortunate is reprehensible. I > don't agree that assuming everyone is incompetent and a victim is a > good idea -- for one, it's insulting. We are in general agreement on this. In keeping with the theme of consideration of others, and since this thread should probably have been Koolered long ago, I'm done posting to this thread. RD -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
