Penetration Testing mailing list archives
Re: Re: Re: Legality of WEP Cracking
From: "Justin Ferguson" <jnferguson () gmail com>
Date: Sat, 19 May 2007 17:13:55 -0400
Well, if you look at that link and notice that under the 'Wiretap Act' (AKA Federal Wire and Electronic Communications Interception Act.), that 'You're probably not in violation if you intercept unencrypted wifi communications.', note the 'probably', which tells me that there most likely is not any case law on the subject as of yet, so which judge, what you were doing and how much your lawyer costs will have a significant play on the subject. Even more, your link is talking more about accessing an open AP, not intercepting traffic, which is another ball of yawn. What the 'Wiretap Act' states exactly is that its not unlawful to intercept traffic that is 'readily accessible to the general public', whether wifi traffic is 'readily accessible' is arguable and my understanding (which may be incorrect) is that it relates to expectation of privacy, which most people sitting at home using their AP have. Honestly though, its probably a question of law that has not been specifically ruled on, but if its encrypted then there is very little question and illegal, and if its unencrypted and you find yourself in trouble, I'd say hire a good lawyer and set a precedent for the rest of us. Wireless audits are going to be legal as you would be acting on behalf of a carrier/provider/owner and CB traffic will be covered under a number of the exceptions listed. 18 USC 2511: (2) (g) It shall not be unlawful under this chapter or chapter 121 of this title for any person— (i) to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public; On 19 May 2007 13:47:57 -0000, ebk_lists () hotmail com <ebk_lists () hotmail com> wrote:
Are you sure? Here is an interesting post: http://cfp2004.org/blogs/wardriving/archives/000056.html Makes for some good reading. This is definitely a gray area of the law. Which makes it hard to find concrete examples of what is legal and what is not. I'm of the opinion that passively listening to the air is not illegal. I equate it to listening to CB (civilian band) radio conversations. If they don't want us to "hear" these conversations, then they need to use encryption. The law comes in when you try to overcome any encryption they may be using, if you actually connect to and use the network (theft of service), and where you are when you are listening (potential trespassing). Active tools like netstumbler may also be pushing the limits. If just listening were a crime, we'd all be going to jail when we do wireless audits, because there is no way we can limit the traffic we pick up to only the networks we own or have permission for. It is just the way wireless works. One last thought: what you _do_ with any data you receive may or may not land you in jail as well. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- Re: RE: Legality of WEP Cracking, (continued)
- Re: RE: Legality of WEP Cracking ebk_lists (May 18)
- RE: RE: Legality of WEP Cracking Erin Carroll (May 18)
- RE:Legality of WEP cracking scott (May 18)
- Re: Legality of WEP Cracking Matthew Webster (May 18)
- Re: Re: Legality of WEP Cracking cwright (May 18)
- Re: Legality of WEP Cracking Chris Travers (May 19)
- Re: Legality of WEP Cracking Bob Radvanovsky (May 19)
- Re: Legality of WEP Cracking Justin Ferguson (May 20)
- Re: Re: Legality of WEP Cracking Matthew Webster (May 19)
- Re: Re: Re: Legality of WEP Cracking ebk_lists (May 19)
- Re: Re: Re: Legality of WEP Cracking Justin Ferguson (May 20)
- Re: Legality of WEP Cracking cwright (May 20)
- Re: Legality of WEP Cracking Justin Ferguson (May 21)
- Re: Legality of WEP Cracking Larry Offley (May 21)
- Re: Legality of WEP Cracking Justin Ferguson (May 21)
- Re: Re: Legality of WEP Cracking ebk_lists (May 21)
- RE: Re: Legality of WEP Cracking John Babio (May 21)
- Re: RE: Re: Legality of WEP Cracking ebk_lists (May 22)
- Re: Re: Legality of WEP Cracking cwright (May 27)
- Re: Legality of WEP Cracking Nick Selby (May 29)
- Re: Re: Re: Legality of WEP Cracking cwright (May 29)
- Re: RE: Legality of WEP Cracking ebk_lists (May 18)