Wi-Fi falls under the same code that makes it legal to record cell phone conversations because they are classified as radio transmitters. Also, there is the problem that someone could quite plausibly attach to a neighbor's network without even knowing it- My laptop, for example, will associate with improperly secured WAPs without telling me which one. I see nothing identifying the Wireless network unless I drill down several steps into an interface. What I'm getting at is you know how at your work how you have those little messages that pop up about what network you're connecting to? The reason that these exist is that in some early (and poorly prosecuted) hacking cases, hackers were able to get acquited because they claimed they could not tell what system they were on.
Man I feel stupid. I could have gotten WPA to work on my ibook the first time I used it if I had applied the settings. lol
People shoud also try to enable that MAC address filter thingy on their routers if they can. Although it's not completey foolproof (i'm sure there's a way to spoof MAC addresses) it will probably discourage the average script kiddie who wants to hack your wep keys by using easily available tools.
I use MAC address filtering. It seems like the most secure method but obviously not practical in large organisations. You're right, it is a crime. Not sure I agree with someone actually being charged though. What I'd like to see is a wifi router that could partition the bandwidth. I'd be quite happy to let others use my wifi if I could lock them down to 100k bandwidth or something like that. It would be a public service but not effect my download speed.
Didn't read the whole thread (too early) but to think that WiFi is something you can just "receive" is incorrect. In order for any networking to function, there's a two-way communication going on. ITN and others categorized it as having your signal pouring over into your neighbor's yard. It's not that simple: The wi-fi stealer's computer has to also broadcast a very similar signal back to the wireless network in order to work at all, so the stealer's computer is taking a part in this, it's not like listening to the radio where nothing gets sent back. It's stealing plain and simple.
That might be what you think, and I understdand your feelings, but our government has decided that it is not stealing. I'm not talking about what I think- I am talking about how it was interpreted in a court of law. Now, if it's secured and you make attempts to bypass that security, you can be prosecuted, but NOT FOR THEFT. The security features that you all are talking about are easily circumvented using basic blended attacks easily found on the internet. Wireless is simply not considered secure by regulatory entities such as HIPAA and SOX, and they will hit you on your audit, even if you have taken all the steps you all talk about above. The only "secure" Wireless design includes VPN software on the client terminating to a VPN device behind the Access Point. The wireless segments in all my client sites are approached as "in the wild" and firewalled. Only clients who are VPN enabled can connect to the internal network.
just drive around and you wouldn't believe how many wireless networks, even a few small/mid businesses, are wide open with default user name and password.
Don't use WEP. It's very unsecure. It's what happens when people roll their own encryption algorithms behind closed doors. Use WPA-PSK. Even then, assume any 802.11-type network you're on is insecure. Run a firewall on your computer, and use SSH, VPN, or other encrypted connections.