Breaking and entering with your... Wi-Fi card?

In the interests of full disclosure, I feel the need to start this little tale with a statement. An admission, if you will. An admission of guilt. For if I lived in Michigan, I would be in jail right now, serving a five-year sentence for violating the state's 1979 "Fraudulent access to computers, computer systems, and computer networks" law. I'd also be paying a $10,000 fine, which is a heckuva lot more than what my local Starbucks charges for its Wi-Fi service.

Why, you ask? Well, when I moved to California some many months ago (we'll pretend it was M*ch*g*n), I didn't have any internet access. In fact, I didn't have internet access for a full month (thanks, Comcast!) or so after moving, and was thus forced to resort to more... extravagant... measures in order to check my e-mail. Extravagant, of course, referring to the lengths I had to go just to find a working Wi-Fi signal to leech. It wasn't because all the Wi-Fi around my house was encrypted or what have you; no, I was just getting crappy signals, and had to go sit in my car just to achieve a functional, non-stuttery connection. Other than that, every accessible Wi-Fi network was completely and entirely open. Thanks, neighbors!

But my misdeeds haven't just been restricted to California. No, in college, this was pretty much par for the course. When one is living in an apartment -- be it on campus, or while on, say, a 6-month internship in New York City -- one gets creative with one's limited budget. And instead of shelling out $60 a month for the monopoly that is Comcast Internet, it's far easier to rely on the financial resourcefulness and generosity of your neighbor's unsecured Wi-Fi network. Mmm-mmm good.

That said, I'm not about to suggest that you should just hop on board any open point you find. My neighbors were kind; were my neighbors, say, some of Northwestern's Residential Network Consultants... well. There are many ways to screw with someone who's in your Wi-Fi, stealin' your 'pipes; the nicer ones are just wrong, whereas the evil ones go straight for the ol' bank account.

Don't Screw With Sparta

Worse yet, you could get a visit from the po-po, like Michigan's own Sam Peterson. The story's been making the Web 2.0-ey rounds the last few days, so I won't bore you with extreme detail. Suffice, Sam made it a point to borrow the Wi-Fi connection of a local coffee shop on a frequent basis. Seeing as he was sitting in his car, as opposed to a paying customer, that apparently violated some part of the unwritten agreement between shop-and-customer, said best by the shop's owner: "I didn't know it was really illegal, either," and "If he would have come in (to the coffee shop) it would have been fine."

Well, it's not fine now for Sam. After the police chief of Sparta, Michigan consulted the books -- tomes, more likely -- to find an applicable to charge Sam with, he successfully found the 1979 dealy. Now Sam's facing 40 hours of community service and a $400 fine -- that's a lot of missed lattes.

As one might expect, this kind of situation just opens up the legal floodgates (and as one might expect, whips up one bitter Slashdot crowd). It's the ol' chicken-and-egg problem of who's at fault: The router that's freely spitting out an unprotected Wi-Fi signal? The computer user that -- innocently or otherwise -- connects to said signal? The coffee shop that isn't protecting it's damn wireless in any shape or form? The police who seemingly have run out of graver misdeeds to punish?

While the law differs by state, it's nevertheless clear in this case: connect to a Wi-Fi network that you aren't "authorized" to use, and you're at fault. It doesn't matter if the means to gain access is a password, a coffee cup, whatever; if you shouldn't be there, you're at fault.

Quoth Metallica, So ******* What!

But what truly defines authorization? Is it a verbal "you can use my Wi-Fi, here is the password" kind of contract? Is it purely mechanical? Once the DHCP server says "Oh, hi! Here's an IP! Have fun!," is that the actual act of authorization? Again, we run into the problem from before: who's at fault?

I think the answer is pretty clear, but we first have to consider the very nature of Law itself (talk about a giant step back, eh?). Why do laws exist? To address grievances between two entities; steal from someone, and the legal system not only allows the victim to seek some form of redress, but uses the stick to encourage others of a like mind to resist the temptation to follow suit. That's the simplified version, I realize, but let's apply it to the matter at hand: what wrong was being committed? An additional user was checking his e-mail on a network that, by the coffee shop's own design, was established for the sole purpose of allowing patrons to freely access the Internet.

Where's the wrong? That the store didn't get a cup of coffee out of the guy before he fired up his laptop? Ok, in that case, I'd like to suggest that anyone who stays in a coffee shop for more than half an hour should be charged with loitering, because their 3+ hour ass-in-chair, using-their-Macbook sessions are preventing the shop from earning additional income from new, thirsty patrons who would otherwise benefit from a place to sit.

All the store had to do is what any user has to do -- put a password on the ol' Wi-Fi network. That's it. Change it every week if you must, but it's the first -- and surest -- possible solution to prevent unauthorized access. Everyone's fond of analogies when it comes to the Wi-Fi leeching debate: it's like leaving your house door open! It's like breaking through a window! et cetera. Well here's one more: an unsecured Wi-Fi connection is akin to putting all your furniture on the side of the street, and stapling a "free!" sign to the couch. If you're putting it out there, don't bitch when one person comes by with a pickup and grabs everything. Routers should be a buyer-beware kind of product, not a means for knee-jerk law enforcement.