Comments on: How do I confront a corporate bandwidth thief?

Question: How do I confront a corporate bandwidth thief?

Hot Like Your 12V Wire — Thu, 22 Jun 2006 06:31:45 -0800

A corporate computer has connected to my wireless network and is wasting bandwidth. How can I stop this and get compensated?

A health company's computer has been on my wifi network for the past few days. I leave the network open normally for casual users, but my local ISP has me paying for bandwidth rather than a set price. This particular computer has been sucking large amounts of bandwidth, and I want to confront the company about this. I've screencapped and documented logs--should I draw up legal forms? Is this something I need to have a lawyer do?

By: edd

edd — Thu, 22 Jun 2006 06:38:48 -0800

Do you want them to stop, or do you want compensation for the bill?

If just the former, have you tried knocking on the door and telling them about the problem?

By: Gungho

Gungho — Thu, 22 Jun 2006 06:41:19 -0800

It is called WEP. It requires a password. It is a good thing.

By: jellicle

jellicle — Thu, 22 Jun 2006 06:42:43 -0800

On most wireless routers, you can go in and ban a particular MAC address from connecting, even if the network is unencrypted.

But beyond that - WTF? You intentionally leave your network open for anyone to connect. Someone connects. You then want to file a lawsuit against them for something, trespass to chattels I guess, because you don't like how they're connecting? You realize that Windows automatically connects to open wireless networks, that the user probably isn't even aware that he's not on his corporate network?

By: pardonyou?

pardonyou? — Thu, 22 Jun 2006 06:42:45 -0800

What "legal forms" do you think you could draw up? You left your network open specifically for others to use -- the fact that you intended for only casual users to take advantage of it is pretty much irrelevant. I would ask them to stop, I would protect your network, but I think you should be prepared to be laughed at if you ask the company to pay.

By: sohcahtoa

sohcahtoa — Thu, 22 Jun 2006 06:44:25 -0800

This doesn't really answer the question, so I won't be hurt if it gets deleted.

I'm an employee of a healthcare company and I've been sucking up anonymous wifi bandwidth all week. I'm in the middle of a move and staying with inlaws right now.

If the owner of this access point were to complain to my employer I'd be in deep shit.

So, I don't know how to answer your question, but realize that pursuing legal action could easily get an individual in trouble. Do you know who or where this computer is? Can you go knock on their door?

By: Mr. Six

Mr. Six — Thu, 22 Jun 2006 06:50:17 -0800

Without taking steps to secure your network, since you have no contract with this company you probably have no legal recourse to gain recompense for the services they used. Nonetheless, you would want to talk to a lawyer. And you don't want WEP, but rather WPA Personal.

By: BigLankyBastard

BigLankyBastard — Thu, 22 Jun 2006 06:55:29 -0800

As a PC Techie, I have to agree with those saying you want it both ways. For one thing, it's positively reckless of you to leave your WLAN unsecured when your ISP charges you by bandwidth usage! Come to think of it, it's positively reckless to leave your WLAN unsecured, period.

As to the cost incurred, I don't think you'll have a leg to stand on, legally. If you do in fact complain to the company involved, they may just pay up if you ask nicely, but they'll probably chuckle condescendingly and escort you out.

Suck up the cost, and secure your network. You wouldn't leave your car unlocked with the keys on the dash, or your front door wide open all day and night, I see this as no different.

By: adamrice

adamrice — Thu, 22 Jun 2006 07:02:37 -0800

If you've got an open node, you're really in no position to complain—that would be like a radio station complaining that listeners are tuning in (I believe there have been legal findings to this effect).

However, yeah, you can ban MAC addresses, you can enable WEP, and if you wanted to get fancy you could force users to a log-in screen and notify them "hey, please don't suck my bandwidth."

By: skallas

skallas — Thu, 22 Jun 2006 07:02:53 -0800

Yes, you need a lawyer. Yes, you will lose. Yes, you will not get "compensated." Yes, leaving a wap open makes you liable.

By: malevolent

malevolent — Thu, 22 Jun 2006 07:08:56 -0800

The health company's been using your open connection, but that also means you've potentially had access to sensitive information they've been transferring, or could've gained access to their systems. Do you really want to risk triggering their paranoia/retaliation?

Secure your network and hope that that's the end of the matter.

By: Malor

Malor — Thu, 22 Jun 2006 07:09:05 -0800

WEP does almost nothing. Don't use it. Use WPA or WPA2... 2 is better, and virtually everything supports it.

By: twiggy

twiggy — Thu, 22 Jun 2006 07:17:00 -0800

You probably won't get compensated, although interesting precedent has been set today regarding an arrest for wifi leeching.

I would like to know: Are you aware that you can put a password on your wireless connection to restrict people from using it? Someone above assumes you know this and intentionally left it open anyway -- is that the case?

By: oaf

oaf — Thu, 22 Jun 2006 07:18:11 -0800

WEP does almost nothing. Don't use it. Use WPA or WPA2... 2 is better, and virtually everything supports it.

Not true that WPA is supported by virtually everything. Also WEP works well enough to tell people "hey, don't use this if you shouldn't be," and if the corporate computer circumvented it and used the network anyway, he'd probably be able to get damages because the network was no longer open. (I am not a lawyer, and I believe this area of law is somewhat uncharted.)

By: chunking express

chunking express — Thu, 22 Jun 2006 07:29:31 -0800

If you want to stop them from leaching, but want to leave the connection open, block their particular MAC address, which most routers will let you do. They should show up in the client list of your router if they are connected (i think) so you should be able to find their MAC address that way.

By: altolinguistic

altolinguistic — Thu, 22 Jun 2006 07:31:27 -0800

Use WPA if you can. If you're running an open wireless network, you can't complain if someone connects to it.

By: altolinguistic

altolinguistic — Thu, 22 Jun 2006 07:32:44 -0800

If you want people around you to be able to use it, you could set your SSID to be 'email xxxxxxx@xxxxxx for WPA password'.

By: Mitheral

Mitheral — Thu, 22 Jun 2006 07:51:09 -0800

altolinguistic writes "If you want people around you to be able to use it, you could set your SSID to be 'email xxxxxxx@xxxxxx for WPA password'."

Course they won't be able to email you until they have a net connection.

I'd block the MAC but be aware they are trivial to change so watch for the computer to come back with a new MAC. If they persist let the company know that you log the contents of all traffic.

By: chunking express

chunking express — Thu, 22 Jun 2006 07:52:56 -0800

Chances are the computer is on the wifi network by accident. I think blocking the MAC should suffice. If they go to the effort of changing the MAC, then I guess they are being malicious.

By: mkultra

mkultra — Thu, 22 Jun 2006 07:59:48 -0800

should I draw up legal forms?

For what? YOU LEFT YOUR ACCESS POINT OPEN, specifically for "casual users". You can't have it both ways.

Criminy, man, just put a password on it.

By: Gable Oak

Gable Oak — Thu, 22 Jun 2006 08:20:43 -0800

Do some packet sniffing. Keep a log of the unencrypted data they're transferring over your network. There's always the blackmail option!

In all seriousness, I'd be ticked off if I was a client of this company and someone was using an unsecure connection to poke around in my health records. Of course, I'd never know...

By: LarryC

LarryC — Thu, 22 Jun 2006 08:23:22 -0800

Also, if the workers at the offending company are on XP, isn't it possible that they don't even realize they are using your network?

By: altolinguistic

altolinguistic — Thu, 22 Jun 2006 09:19:36 -0800

Mitheral - oops. OK then, 'phone XXX-XXXX to get password'.

By: IvyMike

IvyMike — Thu, 22 Jun 2006 09:41:51 -0800

I agree with LarryC.

When I helped my sister set up wireless in her apartment, I spent about an hour helping her first get the router up and running, getting the ethernet-connected computers running, and finally, enabling encryption and setting a password. (I was doing this all over the phone.)

Then, when she finally sat down at the laptop and plugged in the wireless card, she said, "Cool, it just works, thanks!" We hadn't typed in the password yet, though! The laptop had automatically connected to the unsecured network next door. When I told her she was a hacker and stealing bandwidth, she was horrified.

We got her set up using her network, but the point is this: she wasn't even aware that she was 'stealing' bandwidth.

By: lia

lia — Thu, 22 Jun 2006 10:08:28 -0800

When I told her she was a hacker and stealing bandwidth, she was horrified.

She should've been horrified at you, IvyMike, because she wasn't a hacker and wasn't stealing anyone's bandwidth. Leaving a wireless network completely open and then whining about how it gets used is like not having blinds and then complaining that your neighbors keep seeing you naked. Either you want to share your bandwidth with strangers/be an exhibitionist, or you don't—make your choice and live with it.

That said: Hot Like Your 12V Wire, if you do still want casual users to be able to use your connection, the login screen idea is a good one. My friend John runs a project called Neighbornode that you might want to check out.

By: DuckFOO

DuckFOO — Thu, 22 Jun 2006 13:23:26 -0800

I disagree with Lia somewhat. I think it is more like leaving the door of a house open. Sure, you could go right in but it is still trespassing. Recent law enforcement actions seem to agree with this view.

Still, in this day and age, leaving a wireless point totally unprotected is foolish. Aside from bandwidth issue, the person making use of the free access could be doing illegal things that could get you looked at by law enforcement, which can be costly and timely to sort out.

By: IvyMike

IvyMike — Thu, 22 Jun 2006 16:04:02 -0800

She should've been horrified at you, IvyMike, because she wasn't a hacker and wasn't stealing anyone's bandwidth.

Man. As it turns out, she understood I was joking. She was pretty aware that she wasn't a hacker. :)

I guess she was a little horrified, but mostly because she realized how many people had unsecured networks and were probably unware that strangers were using them. Later tests showed that there were more than 10 networks reachable from her apartment (a different list each time we refreshed) and only one or two of them were secured at all.

Getting back to the original question, though: if you leave your network open, people will use it, possibly unintentionally. If you want to have users stick to a "terms of service" on your network, you've got to have some way of making people aware of it.

By: lhauser

lhauser — Thu, 22 Jun 2006 20:11:29 -0800

I wish my Palm wifi card supported WPA like "virtually everything" ...

By: Hildago

Hildago — Thu, 22 Jun 2006 20:15:47 -0800

I think it's cool that you leave your network open for other people to use. I know that I appreciate it when I am on my laptop and able to get a connection because somebody is being generous with their bandwidth. When I do it I try to be a good guest, as do most other people I know.

Paradoxically, open networks have become less and less common the more popular wireless becomes, because there are more horror stories and law suits that scare people into thinking that someone is parked in their driveway stealing their credit card number or trafficking in child pornography. This is what happens when things get popular, I guess.

That said, you should block the MAC address of the health company dork who's abusing your generosity, knowingly or unknowingly. Whether or not you want to close your network is up to you, but if you leave it open you may want to consider changing to a different provider that's not going to charge you by the bit.