California Passes Wi-Fi Security Guidance Law – War-Driving going down?


It seems like war-driving may become a thing of the past, legislation is starting to happen.

It’s a good start though, you have to target the manufacturers to educate their users, not target the users as they don’t care, sometimes ease of use has to be traded a bit with security.

California legislators have passed a law which will force makers of wireless internet equipment to include guidance on keeping data secure on wireless connections. The law now awaits signature by Governor Arnold Schwarzenegger.

From 1 October 2007, manufacturers must place warning labels on all equipment capable of receiving Wi-Fi signals, according to the new state law. These can take the form of box stickers, special notification in setup software, notification during the router setup, or through automatic securing of the connection. One warning sticker must be positioned so that it must be removed by a consumer before the product can be used.

The warnings would have to contain information on how to secure files, folders, and connections. Wireless internet connections can be used by anyone with Wi-Fi capability within the range of the transmitter unless they are secured.

Makes sense really right? The current law in a way can be seen to cover unauthorised wireless use.

The legislation acknowledges disagreement in the US as to whether it is legal for someone to use another person’s unprotected Wi-Fi connection. “While Section 502 of the Penal Code prohibits the unauthorized access to computers, computer systems, and computer data, authorized use is determined by the specific circumstances of the access,” it states. “There are also federal laws, including the Computer Fraud and Abuse Act […]that prohibit the intentional access to a computer without authorisation.”

In UK such warnings are not required but the position of using someone elses wi-fi connection is much clearer.

“The Communications Act includes an offence of dishonestly obtaining an electronic communications service ‘with intent to avoid payment of a charge applicable to the provision of that service’,” said Robertson. “We’ve already seen a conviction in the UK for using someone else’s Wi-Fi connection without authority.”

In July 2005, Gregory Straszkiewicz became the first person to be convicted under this provision. He was fined £500 at London’s Islewoth Crown Court. The Act provides for a maximum sentence of five years in prison and a fine.

So, is this the end of war driving?

Source: The Register

Posted in: Legal Issues, Wireless Hacking

, , , , ,


Latest Posts:


Nipe - Make Tor Default Gateway For Network Nipe – Make Tor Default Gateway For Network
Nipe is a Perl script to make Tor default gateway for network, this script enables you to directly route all your traffic from your computer to the Tor network.
Mosca - Manual Static Analysis Tool To Find Bugs Mosca – Manual Static Analysis Tool To Find Bugs
Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.
Slurp - Amazon AWS S3 Bucket Enumerator Slurp – Amazon AWS S3 Bucket Enumerator
Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan externally or an AWS API to scan internally.
US Government Cyber Security Still Inadequate US Government Cyber Security Still Inadequate
Surprise, surprise, surprise - an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling.
BloodHound - Hacking Active Directory Trust Relationships BloodHound – Hacking Active Directory Trust Relationships
BloodHound is for hacking active directory trust relationships and it uses graph theory to reveal the hidden and often unintended relationships within an AD environment.
SecLists - Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.


One Response to California Passes Wi-Fi Security Guidance Law – War-Driving going down?

  1. Brett Patterson August 31, 2008 at 1:12 pm #