funsec mailing list archives
RE: Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act?
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Sat, 28 Apr 2007 17:31:02 -0400
Matt, What about (16)(F) then: (16) "readily accessible to the general public" means, with respect to a radio communication, that such communication is not-- (F) an electronic communication Where: (12) "electronic communication" means any transfer of signs, signals, writing, images, sounds, data, or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system that affects interstate or foreign commerce, but does not include-- (A) any wire or oral communication; (1) "wire communication" means any aural transfer made in whole or in part through the use of facilities for the transmission of communications by the aid of wire, cable, or other like connection between the point of origin and the point of reception (including the use of such connection in a switching station) furnished or operated by any person engaged in providing or operating such facilities for the transmission of interstate or foreign communications for communications affecting interstate or foreign commerce and such term includes any electronic storage of such communication; (2) "oral communication" means any oral communication uttered by a person exhibiting an expectation that such communication is not subject to interception under circumstances justifying such expectation, but such term does not include any electronic communication; Richard -----Original Message----- From: Matthew Murphy [mailto:mattmurphy531 () gmail com] On Behalf Of Matthew Murphy Sent: Saturday, April 28, 2007 5:06 PM To: Richard M. Smith Cc: funsec () linuxbox org Subject: Re: [funsec] Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Apr 28, 2007, at 1:39 PM, Richard M. Smith wrote:
T-Mobile runs the WiFi service for Starbucks. Does T-Mobile meet the definition of a common carrier? If so, the "readily accessible" defense does not apply, right? Quoting from your original message: "readily accessible to the general public" means, with respect to a radio communication, that such communication is *not* transmitted over a communication system provided by a common carrier
Internet Service Providers are not common carriers, even if the organization providing the internet service also provides common carrier services (which T-Mobile may, via its cellular phone services, for example). Time Warner, for example, provides both phone services (which are common carrier) and internet broadband services (which are not). The latter are subject to discrimination in service which would be prohibited under common carrier regulations. Therefore, such services are also not entitled to common carrier protection.
Here's an older example of a WiFi security demo for the press gone bad: Ethical hacker faces war driving charges http://www.theregister.co.uk/2002/07/26/ ethical_hacker_faces_war_driving/ I think this guy was charge under the Computer Fraud and Abuse Act. The jury found him innocent because he didn't cause any damages. Regardless, I wonder if he will ever do the same type of security demo again for the press.......
It's another example of an overzealous US Attorney prosecuting a case they could never win. You generally can't prove unauthorized access if there's no access control on a service and the means in which it is accessed is not itself exploitive (e.g., taking advantage of software vulnerabilities). It's ridiculous to state that the guy could *possibly* have run up $5,000 in damage simply by accessing the WLAN. If he accessed other computers on the network, or ran up internet bandwidth charges, that would be a different story. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (Darwin) iQIVAwUBRjO3OnXzqEAiV8M/AQKK6Q/5AayaP/IGqxanU4iX31PT6I7X+Zh/Qqm1 /m5o7WuLu0yngP3pu9c/lWWLxkg0krUgdkIZPdZ6kYHVRQqM151QnPo7Ye5n8Dbi 5DMEXWNGAAF8l0A6Oe0cv/tlF1ds2eUxQPHlxap6TTdCokAiq7I1udvi+EdKfoXG veFfuUI114hCYMYygIsq3aRO5PS+MVDRwj2++zdeLu9zg5PkKQ4UsgDNjo2yfbQG m+IQutwVGuQ1tlH/sXhTN4VmJjcl4JFso12Kb+EVJkIApOyOoAJ9E/YMCMkGAdDM uswE34aOjVHozOYDPRhayMuVbueaVcu30VEPF2fzG0vgDfo1t0opG0Bs9jJOPpgv Drd3h8QaJmOARvreW3mR9h9rxWjSfDvEZuqxAlrpMazffYi9Mmjs4gfBMl0bllSI BeZzCsVLHBSc1mprTZOKNMwulgqFwXNtmCfMrq3t+RKQGDnmJR+ZXLo7xXfycRkX KK3v+TqCEgETNe6QHCnlePPl7K8HHhts0+/SJic/1+5UW3l7qKXN5ZByhQif8mHD TNqyFrdE2DcZXc6NdMwCwCKN6X26oxABo60IUc5+Bj02gP4N6arTyXPB34+fXLXF 1JuZBcbK4aOlociWq5ahjm0TljTB7tSbkdPpdwtZ2Wtrd1eECvqesBB2IgGcXhGG GFOwRpzL+DU= =Pto/ -----END PGP SIGNATURE----- _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act? Richard M. Smith (Apr 28)
- Re: Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act? Matthew Murphy (Apr 28)
- RE: Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act? Richard M. Smith (Apr 28)
- Re: Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act? Matthew Murphy (Apr 28)
- RE: Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act? Richard M. Smith (Apr 28)
- Re: Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act? Matthew Murphy (Apr 28)
- RE: Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act? Richard M. Smith (Apr 28)
- Re: Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act? Matthew Murphy (Apr 28)
- RE: Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act? Richard M. Smith (Apr 28)
- Re: Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act? Matthew Murphy (Apr 28)
- RE: Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act? Richard M. Smith (Apr 28)
- Re: Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act? Matthew Murphy (Apr 28)
- Message not available
- Re: Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act? Matthew Murphy (Apr 28)