In a discussion at TechRepublic, Wardriving – Legal or not?, IT pros debate the legality and ethics of “wardriving”. The practice involves looking for an open wireless access point, sometimes by driving around in a car with a wireless laptop computer.
This is really a borderline area. Pure wardrivers aren’t hackers – they aren’t trying to access the computer or computers on the network connected to the access point, conduct illegal activity on the Web by disguising their IP address, etc. (That’s not to say that hackers and criminals couldn’t use the wardriving approach for nefarious purposes.)
Naturally, opinion runs the full spectrum, from “radio waves are free” to “it’s illegal theft of bandwidth”. The actual legality of the practice isn’t clear, though undoubtedly case law will develop in the near future.
The ethics of the practice are a different situation, and may depend on the level of interference with the owner of the wireless network. Spending a couple of minutes online to check email, for example, will almost certainly result in no perceptible interference with the owner’s wireless activity. Spending three hours dowloading MP3s every night, on the other hand, might have the owner wondering if his ISP is delivering the right level of service. To my mind, the latter would be clearly unethical if not actually illegal.
I’m far from a regular wardriver, but like most mobile wireless users, I’ve taken advantage of the occasional open access point to make a quick connection. In most cases, these access points appeared to be semi-public commercial networks (hotels, restaurants, etc.) that didn’t require user authentication. I don’t feel that my minimal activity ever diminished the experience of other network users, and I’ve suffered no pangs of guilt about the practice.
We all know wireless security isn’t perfect, but any access point owner who doesn’t want others to connect to it has extremely simple options to keep wardrivers out. Any combination of access point cloaking, WEP encryption, and MAC address filtering won’t keep out a determined hacker, but will discourage random wireless users looking for an open path to the Internet. Users who fail to take the most elementary steps to secure their access point are essentially putting a radio station on the air and complaining when others tune into it. Wardrivers aren’t the real problem for these unsecured networks – sooner or later, someone with more nefarious intentions will find them and cause a real problem.