[Gllug] WEP security experiences

Richard Jones rich at annexia.org
Wed Jun 20 08:52:16 UTC 2007

On Wed, Jun 20, 2007 at 09:09:31AM +0100, Jason Clifford wrote:
> On Wed, 20 Jun 2007, Caroline Ford wrote:
> > As far as I understand it:
> > 
> > Using without permission = legally bad
> > Using with permission = legally good
> That's about it.
> > Using a cafe's access point without buying a drink is presumably without
> > permission.
> The measure is reasonableness. It is not reasonable to suggest that the 
> cafe authorises those who are not cutomers to use its facilities unless 
> there is some explicit authorisation.
> > I can see that it would be easier to justify connecting to an access
> > point without permission if you hadn't cracked their WEP key. You could
> > claim that you'd "accidentally" connected to an open access point. You
> > can't accidentally crack someone's WEP key. If they'd WEPed it they
> > clearly didn't want you.
> That's true.
> As far as the law is concerned it's about the same as being in someone's 
> home without permission. The fact that the back door was not secure enough 
> to stop you breaking in does not excuse your unauthorised entry.

Woah, hang on there...  Which law?

The Computer Misuse Act talks about access to "a computer" which is
"unauthorised".  Is a wireless access point a computer?  Is accessing
it unauthorised if it is continually sending out beacons and protected
with encryption which is known to be ineffective (or in the case
above, is completely open)?

The CMA is oddly silent on the subject of having to buy a cup of tea
at a cafe before you can use their wifi.

The Police and Justice Act amends this slightly but it still says
nothing about networks, wifi, tea, etc.


Richard Jones
Red Hat
Gllug mailing list  -  Gllug at gllug.org.uk

More information about the GLLUG mailing list