RE: Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act?

["Richard M. Smith" <rms () computerbytesman com>]

Matt,

What about (16)(F) then:

   (16) "readily accessible to the general public" means, with
   respect  to  a  radio communication, that such  communication  is
   not-- (F) an electronic communication

Where:

      (12)  "electronic  communication" means  any  transfer  of
signs, signals, writing, images, sounds, data, or intelligence of
any  nature  transmitted in whole or in part by  a  wire,  radio,
electromagnetic,  photoelectronic  or  photooptical  system  that
affects interstate or foreign commerce, but does not include--

          (A) any wire or oral communication;

 (1) "wire communication" means any aural transfer made  in
whole  or  in  part  through  the  use  of  facilities  for   the
transmission  of  communications by the aid of  wire,  cable,  or
other  like connection between the point of origin and the  point
of reception (including the use of such connection in a switching
station) furnished or operated by any person engaged in providing
or  operating such facilities for the transmission of  interstate
or foreign communications for communications affecting interstate
or foreign commerce and such term includes any electronic storage
of such communication;

    (2) "oral communication" means any oral communication uttered
by  a person exhibiting an expectation that such communication is
not  subject to interception under circumstances justifying  such
expectation,  but  such  term  does not  include  any  electronic
communication;

Richard

-----Original Message-----
From: Matthew Murphy [mailto:mattmurphy531 () gmail com] On Behalf Of Matthew
Murphy
Sent: Saturday, April 28, 2007 5:06 PM
To: Richard M. Smith
Cc: funsec () linuxbox org
Subject: Re: [funsec] Hasn't the LA Times and Humphrey Cheung ever heard of
the Electronics Communications Privacy Act?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Apr 28, 2007, at 1:39 PM, Richard M. Smith wrote:

> T-Mobile runs the WiFi service for Starbucks.  Does T-Mobile meet the 
> definition of a common carrier?  If so, the "readily accessible"
> defense
> does not apply, right?  Quoting from your original message:
>
>    "readily accessible to the general public" means, with respect
>    to a radio communication, that such  communication is *not* 
> transmitted
>    over a communication system provided by a common carrier

Internet Service Providers are not common carriers, even if the organization
providing the internet service also provides common carrier services (which
T-Mobile may, via its cellular phone services, for example).  Time Warner,
for example, provides both phone services (which are common carrier) and
internet broadband services (which are not).  The latter are subject to
discrimination in service which would be prohibited under common carrier
regulations.  Therefore, such services are also not entitled to common
carrier protection.

> Here's an older example of a WiFi security demo for the press gone
> bad:
>
>    Ethical hacker faces war driving charges
>    http://www.theregister.co.uk/2002/07/26/
> ethical_hacker_faces_war_driving/
>
> I think this guy was charge under the Computer Fraud and Abuse Act.  
> The
> jury found him innocent because he didn't cause any damages.   
> Regardless, I
> wonder if he will ever do the same type of security demo again for the 
> press.......

It's another example of an overzealous US Attorney prosecuting a case they
could never win.  You generally can't prove unauthorized access if there's
no access control on a service and the means in which it is accessed is not
itself exploitive (e.g., taking advantage of software vulnerabilities).
It's ridiculous to state that the guy could *possibly* have run up $5,000 in
damage simply by accessing the WLAN.  If he accessed other computers on the
network, or ran up internet bandwidth charges, that would be a different
story.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)

iQIVAwUBRjO3OnXzqEAiV8M/AQKK6Q/5AayaP/IGqxanU4iX31PT6I7X+Zh/Qqm1
/m5o7WuLu0yngP3pu9c/lWWLxkg0krUgdkIZPdZ6kYHVRQqM151QnPo7Ye5n8Dbi
5DMEXWNGAAF8l0A6Oe0cv/tlF1ds2eUxQPHlxap6TTdCokAiq7I1udvi+EdKfoXG
veFfuUI114hCYMYygIsq3aRO5PS+MVDRwj2++zdeLu9zg5PkKQ4UsgDNjo2yfbQG
m+IQutwVGuQ1tlH/sXhTN4VmJjcl4JFso12Kb+EVJkIApOyOoAJ9E/YMCMkGAdDM
uswE34aOjVHozOYDPRhayMuVbueaVcu30VEPF2fzG0vgDfo1t0opG0Bs9jJOPpgv
Drd3h8QaJmOARvreW3mR9h9rxWjSfDvEZuqxAlrpMazffYi9Mmjs4gfBMl0bllSI
BeZzCsVLHBSc1mprTZOKNMwulgqFwXNtmCfMrq3t+RKQGDnmJR+ZXLo7xXfycRkX
KK3v+TqCEgETNe6QHCnlePPl7K8HHhts0+/SJic/1+5UW3l7qKXN5ZByhQif8mHD
TNqyFrdE2DcZXc6NdMwCwCKN6X26oxABo60IUc5+Bj02gP4N6arTyXPB34+fXLXF
1JuZBcbK4aOlociWq5ahjm0TljTB7tSbkdPpdwtZ2Wtrd1eECvqesBB2IgGcXhGG
GFOwRpzL+DU=
=Pto/
-----END PGP SIGNATURE-----

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.