On Thu, 7 Nov 2002, Bill Nash wrote:

>
> On Thu, 7 Nov 2002, Matt Alexander wrote:
>
> > Anyone up for a game of "Let's incriminate ourselves on a public mailing
> > list"?
> >
>
> 	Only if you're up for a quick round of 'Hi, I'm a jackass.'
> You seem to be uber-informed, please enlighten us as to the specific
> (il)legalities involved with war driving. Please devote extra time to the
> distinction between active and passive monitoring, because I'm extra
> curious about that.

Well, there was this case:
http://www.theregister.co.uk/content/55/26397.html

If you simply identify an access point, then there's nothing wrong with
that.  If you go further and access any services, then you could be
charged with trespassing, theft of services, etc.

Here's an interesting post on the 'net I found:
(http://legalminds.lp.findlaw.com/list/cyberia-l/msg41515.html)

there is an FCC rule that, except for broadcast transmissions, a
third-party eavesdropper cannot divulge the CONTENT of an intercepted
radio transmission.  Some of the information included in a chalk-mark
arguably discloses content.


Here's another interesting post:
(http://dfwwireless.org/listarchive/msg00217.html)

War Chalking

So what could possibly be wrong with war chalking? The EPCA states that,
"intentionally disclos[ing], or endeavor[ing] to disclose, to any other
person the contents of any wire, oral, or electronic communication,
knowing or having reason to know that the information was obtained through
the interception of a wire, oral, or electronic communication in violation
of this subsection" is subject to fine and imprisonment of up to 5-years.

If similar verbiage were adapted to cover 802.11 transmissions then merely
marking an 'X' where wireless traffic has been observed would doubtfully
violate the law. But, war chalkers use many more symbols. Simply
disclosing whether or not WEP was enabled could possibly be a violation.


And apparently the FBI doesn't look too highly on WarDriving:
http://www.politechbot.com/p-03884.html


My thought would be that if a company learned of someone listening on
their network, no matter how insecure the network might be, the company
could probably get the person charged with "hacking."
~M