Next time you decide to 'borrow' your neighbour's badly configured WiFi connection, you might want to look over your shoulder to make sure the police aren't watching.
According to an article over on The Register
, an un-named sixteen year old in Lincolnshire has been arrested under the suspicion of illegitimately using his neighbour's unsecured WiFi connection to browse the web.
Originally arrested on the 5th of October under the Computer Misuse Act 1990, the youth was accused of “hacking
” the wireless access point belonging to his neighbour and removing the encryption so he could surf unfettered. The individual was tracked down by the access point's DHCP server recording the host name of every computer to which it grants a lease – the boy's computer was configured by his father and had the host name set to his full name, making tracing the youth somewhat easier than it might otherwise have been.
The youth, on the other hand, tells a different story. With his own WiFi connection configured and working, he argues that he would have no reason to use his neighbour's connection over his own. He admits, however, that it is possible he accidentally clicked on his neighbour's connection by mistake – Windows having the feature of offering to automatically connect to any network it sees. For this to have happened, the access point must have been unencrypted
– something the youth is accused of arranging for his own ends, but a setting which is the default of many commercial access points unless explicitly changed.
Although the youth was questioned between 2100 and 2345 that night, he was released on bail pending further enquiries. The boy's father has since received a a letter cancelling the bail and informing the family that no action would be taken – giving the father cause to complain over what he is referring to as the “unlawful arrest and detention
” of his son.
What is most interesting about this case – even though it fell at the first hurdle and was dropped before charges were ever brought – is that the youth is not accused of using the connection for anything bad
, but merely of using the connection at all
. If the connection was, as he claims, unencrypted and configured with a generic SSID – especially a common name like LINKSYS which it may well share with his own connection – it's hard to see how he could be guilty of a crime at all.
Do you believe that WiFi 'piggybacking' should be a crime, or is it up to network owners to secure their own equipment if they don't want others using it? Share your thoughts over in the forums