[nuxi7]

Since marketing and selling jamming devices is illegal, I would like to know what the FCC is going to do about the supply chain. We know these are all using well known advertised features of enterprise wireless gear. Are they working on a consent decree with Cisco/Aruba/etc to stop including this feature? Or are they going to play whack-a-mole with end users for the next decade?

[Someone1234]

Indeed jamming is illegal. Anti-rogue AP tech' is a grey area.

It doesn't jam the spectrum in the traditional sense. Instead it transmits packets telling the AP and client to disconnect from one another for WiFi networks it doesn't "own." That within itself isn't technically "jamming" and is also likely legal in some cases.

The whole point of the tech is: If you own a network called "CorpWiFi," someone can come along, set up their own AP, and call their WiFi "CorpWiFi" to try and trick clients into connecting to it with the goal of stealing information. Cisco's anti-rogue AP tech attacks these hotspots and causes continuous disconnects. That is likely legal.

What is not legal is using this same tech' to disconnect ALL WiFi hotspots within range. So instead of using it to go after "CorpWiFi" you also disconnect "MyWiFi" and "FreeWiFi" which are networks you don't run. That's what has got these guys into trouble.

The technology itself is legal. Using the technology in the US is also legal in some cases. Using it to effectively corner the market for WiFi in certain areas is illegal.

[wahsd]

I don't see how anti-rogue AP tech can be legal either unless it is within the confounds of your own property. Where WiFi jamming is technically also legal if it does not affect any external party.

What gives you, company xyz, the right to essentially DoS an AP just because they share the SSID? Just because you call something CorpWiFi, doesn't really make it legal to DoS someone else's SSID that is also called CorpWiFi. There does not seem to be any kind of legal framework that would allow you do so, but inversely, you are essentially then not only committing multiple types of crimes, but you are also violating free speech.

I get the reason, but the solution really needs to be something else, even if that something else is some sort of change to the WIFI spec and inclusion of some kind of authentication or security layer.

[ssalazar]

> you are also violating free speech

Of course, since the example you described is an interaction between two private parties, there is no legal notion of free speech to violate.

[Retric]

The airwaves are considered a public space so it's not two private parties and the rules are different. (You can't just use air raid sirens to disrupt a public protest.) However, at a minimum you are likely to run into issues with the computer fraud and abuse act because your interfering with two other parties, and that has rather stiff penalties.

PS: Random noise is one thing; hacking someone’s Wi-Fi even using such a simplistic approach is very different.

[sliverstorm]

It's two private parties acting in a public space. It may still be illegal to interfere, but the first amendment protects you from the government, not from other individuals.

You can't just use air raid sirens to disrupt a public protest

I'm not 100% up on my civil rights/protest law, but if you are a private party, I suspect you could. It is, for example, 100% legal to surround a protest with other people holding sheets to block them & their signs from view.

[Retric]

https://en.wikipedia.org/wiki/Disturbing_the_peace

This can include creating loud noise

Of note: A violation of a noise ordinance is in most jurisdictions not considered a disturbance of the peace unless the perpetrator has disregarded an affirmative request that he or she reduce the noise to a reasonable level. However, that would be implied in the air raid siren case.

Anyway, I agree it's not the 4th that's the issue. But, it's still unlawful conduct.

[LordKano]

Where WiFi jamming is technically also legal if it does not affect any external party.

I'll concede the possibility that my understanding is incorrect but jamming is flat out illegal(for non-government entities). It's illegal to even sell jamming devices. I remember a few years ago, the FCC started threatening movie theaters that had been jamming cell phones.

[DrStalker]

What is the legal definition of a jamming device? The wifi jamming being discussed does not interfere with any existing radio communications, it adds extra packets of data that the client device interprets. The original signal is fine, it's just not usable in a practical sense.

Broadcasting white noise on wifi frequencies to drown out communications is the sort of jamming that is clearly illegal, this likely isn't jamming under current laws.

[Fjolsvith]

There was also a guy in Florida who went to jail because he ran a jammer in his car during his work commute so people wouldn't text and drive around him.

[wahsd]

I am not 100% sure, but I think if you are jamming signals on your own, personal, private property and the jamming does not extend past your boundaries, it might be legal. But that is an edge case that really doesn't apply in the vast majority of situations. The rule of thumb would essentially be that if you are jamming someone's signal outside of the strict boundaries of your personal, private property you are doing so illegally.

[friendzis]

Especially in public gathering business, when you are subleasing some part of the attraction (alcohol, wifi) there are provisions in the contracts to ensure the provider is the only one providing the service. That's why it is usually illegal to bring own alcohol to festival. In this case they could argue to have acted in good faith according to the contract. Should the wifi provider/venue operator first block all APs and then accept rebutals that it is for personal use, or attempt investigations if given AP is for sale?

[PhasmaFelis]

Illegal contract provisions are not enforceable. I can sign a contract saying you can jam my wifi, I can sign a contract saying you can kill me and serve me as the main course at the banquet, but you're still not actually allowed to do those things.

[notacoward]

According to their response, it was within the bounds of their (leased) property. Not saying that makes it right, but FYI.

[FireBeyond]

Yeah, still doesn't give them legal claim to 'This Wifi SSID'. Also, there are trespass statutes for people behaving as you don't wish within private property.

"Within the bounds" - so their walls are RF shielded, then?

[notacoward]

> Yeah, still doesn't give them legal claim to 'This Wifi SSID'

Nobody has a legal claim to any wifi SSID. They don't have an exclusive claim to the conference SSID, and you don't have a legal claim to your hotspot's SSID (the one that's actually at issue here). Conflicts can occur, and the law has nothing to say about them.

> Also, there are trespass statutes for people behaving as you don't wish within private property.

Yes, there are, but it's not the FCC's role to enforce those particular statutes (nor should it be). The real question is whether the FCC should be unilaterally setting policy regarding interference at the MAC level where things like de-auth packets come into play. That's being discussed in another sub-thread, so I won't repeat the points here.

> Within the bounds" - so their walls are RF shielded, then?

No more that the average corporate HQ, but there seems to be a consensus here that doing the same thing in that context would be A-OK. Why the different treatment for two situations that are equal under the law?

[FireBeyond]

Right. They don't. But they seem to think they can send de-auth packets that effectively say to third parties, "I am going to disconnect you from this network". That is at the least -implicitly- saying "I am claiming this SSID, and I am willing to use power/technology/tools to enforce this, whether you like it or not, whether I have the right to or not".

I never said the FCC was involved in enforcing trespass statutes. If there are people on your private property behaving in a way you deem unacceptable (even if legal), then the solution is to remove them from your property, not for you to illegally interfere with the use of the spectrum. That's vigilantism.

The Corp HQ example seems to work because there are clauses that surround intentional deception and the risk to security that could come there-from. When CorpHQSSID access points de-auth packets to an unauthorized access point using the same SSID.

That -wasn't- what was happening here. The convention center was saying "I don't care what your use of the wireless spectrum is, your hotspot, whatever, I'm going to interfere with it so that my SSID is the only one usable (oh, enter your credit card number here)".

Your contortion of logic, willful and disingenous ignorance of contradictions and interpretations don't change these facts. The issue was discussed many times, many lawyers were involved, and the outcome was decided - whether you think it should be or not (your perfect right), it -is- illegal.

[iopq]

You know if a private individual was disrupting a corporation's WiFi he'd be put in prison, right? People got sued for just using WiFis without permission, not even by the owners, but by the government.

[jellicle]

> Cisco's anti-rogue AP tech attacks these hotspots and causes continuous disconnects. That is likely legal.

Why would it be legal to order your computing device to disrupt someone else's computing services?

Just for reference here, under US Federal law:

> knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;

> the term “damage” means any impairment to the integrity or availability of data, a program, a system, or information;

A protected computer is any computer connected to the internet.

Taking any action to impair the availability of data, a program, or a system to any computer connected to the internet is a felony in the United States.

[morcheeba]

That's the Computer Fraud and Abuse act -- not the FCC's domain of wireless spectrum.

[jellicle]

You're right! It is also a crime under the FCC laws. If you manage to interfere with internet-connected computers, using radio communication, you're breaking multiple laws at once. Better hope you have a good lawyer.

[Dylan16807]

You could make an argument that if they set the SSID to CorpWiFi that they have joined the CorpWiFi network, and it's perfectly okay for other parts of that network to decide what connects to what.

There's probably a way to use the CFAA against someone setting up a fake AP, too.

[drzaiusapelord]

>The whole point of the tech is: If you own a network called "CorpWiFi," someone can come along, set up their own AP, and call their WiFi "CorpWiFi" to try and trick clients into connecting to it with the goal of stealing information.

Then contact law enforcement. Building out some vigilante feature into AP's is completely asinine. This is like me seeing someone speed on the expressway and trying to pull them over myself. Of course, we'll abuse that power if given to us!

The FCC needs to up its game. Either allow us to do whatever the hell we want or stop the bad guys. You either have police or you don't. This middle ground of outsourcing enforcement to Cisco and Aruba and other deep pocketed enterprise players was, predictably, abused by terrible corporate citizens and puts home users as a disadvantage as their equipment doesn't have these features.

Or heaven forbid the FCC get off the big donors/money train and strongarm some spectrum so we have more for wifi in the ISM band. How much spectrum is wasted right now on analog radio or other dinosaur services that can be downsampled into bandwidth efficient digital transmissions? Its incredible we have so few bands for our most used infrastructure. Hell, give us channel 14 at least. Figure out a safe way to do this here. We're dying for spectrum yet deep pocketed players buy all they need (mobile networks, clear channel, etc). That's the core problem hereand until we get more wifi spectrum, these shenanigans will continue in one form or another. Smart City isn't knocking you offline because you're some kind of wifi pirate, they're doing it because they want to hog the limited spectrum for their convention customers.

If pirating ssid's were a real problem, we'd all be proposing an ssl-cert like system to verify identities or at least some kind of web of trust to avoid rogue AP's. But its not, its a complete red herring. The real issue is the stingy amount of spectrum allocated to us.

[superuser2]

>Then contact law enforcement. Building out some vigilante feature into AP's is completely asinine. This is like me seeing someone speed on the expressway and trying to pull them over myself. Of course, we'll abuse that power if given to us!

No, it's like any corporation's private security asking you to leave. (Which they absolutely will.)

[DenisM]

Except you don't have property rights over the radio spectrum, unless you licensed it from FCC. It doesn't matter that it's your physical territory - the radio spectrum belong to FCC and them alone.

Similarly, you don't have any rights over the airspace above your land - the FAA does.

[amyjess]

Use of unlicensed radio spectrum requires that you accept any interference caused by others.

[gruez]

so would jamming also count as "interference caused by others"?

[georgemcbay]

Well, yes, but in addition to agreeing to accept interference users of this spectrum also are not allowed to cause interference, so this isn't a good defense strategy for those who would jam you.

https://en.wikipedia.org/wiki/Title_47_CFR_Part_15 (see: subpart .5)

[drzaiusapelord]

These companies have enough lobbying dollars to make LE care. LE cares about me pirating Hollywood movies, doesn't it? That didn't just magically happen on its own.

[superuser2]

Those features are legitimate when the targeted AP is illegally on the corporate LAN, impersonating the legitimate APs, and/or a personal hotspot in an environment where data exfiltration is a concern.

In places where the public goes (hotels, convention centers) they are absolutely wrong but they're still important to enterprise security on corporate campuses.

[notacoward]

You raise an interesting point. As far as I know, the law doesn't recognize concern about exfiltration as a factor distinguishing "legitimate" vs. "illegitimate" use of these features. It just makes a public vs. private distinction, and the convention spaces in question were considered private. In Smart City's response, they point out that they also provide service in public spaces, and took pains to ensure that users there weren't affected. Is that "illegitimate" in your book? How would you even craft a law that would prohibit them from doing this, without also preventing the "legitimate" corporate use you mention?

Where I think Smart City's argument falls down is not that managing the network within their private space is generally wrong or illegal. Their failure seems to have been that the users whose hotspots they were killing had entered into no agreement not to bring or use those devices. Had that been a part of the event registration, I for one might have declined to attend, but I also think the FCC might then have been right - per the law - to have decided differently.

[jsprogrammer]

Just because some people consent to you interfering with WiFi signals, doesn't mean you are allowed to do it. You'd need to completely wrap your transmitters in a Faraday cage and hold the entire convention inside it, only allowing people who have signed your bizarre and draconian contract, that allows you to interrupt their WiFi signals, in to the venue.

[acveilleux]

The FCC went out of their way to clarify that security concerns (of which exfiltration of corp data is one) were an issue, quoting the article:

> No evidence exists that the Wi-Fi blocking occurred in response to a specific security threat to Smart City’s network or the users of its network.

A corporate network could probably meet that hurdle, it's not clear however they'd get away with it if it also shut down the neighbor's wifi...

[jellicle]

"Legitimate" here may mean that you agree with the use in those cases, but don't mistake it for "legal", which it is not, at least in the last two instances. Corporate LAN is an interesting one.

[radisb]

Hypothetical question: I buy some land to host conventions. I make the buildings and enclose them in a big faraday cage. Then I make deals with anyone that agrees: Whoever wants to host a convention in my center, they will accept that inside the convention center, there will not be any kind of transmission, except my own wifi. Leaving aside the ways I could accomplish this, is what I want legal?

[tzs]

There's a hack you could do to make it so it is illegal for people to operate Wifi in your convention center.

Wifi spectrum is shared with other services. I am aware of at least the following services that use all or part of the same spectrum that 2.4 GHz wifi uses:

1. Radiolocation services (e.g., radar).

2. Industrial, Scientific, and Medical (ISM) devices operating under Part 18 of the FCC regulations.

3. Amateur radio (ham) operators operating under Part 97 of the FCC regulations.

4. Wifi, RF remote controls, Bluetooth, microwave ovens, cordless phones, wireless microphones, and many other things, operating under Part 15 of the FCC regulations. (Note: note all instances of all of these devices will be in the 2.4 GHz band. For instance. There are other bands available for most of these, and which a particular device uses is up to the manufacturer).

There may be other services operating under other parts of the FCC rules that I did not list (because I don't know about them).

The above are listed in order of priority. The rules are simple:

• You cannot interfere with users of services above yours the list. For instance, if a ham radio operator interferes with an ISM user, the ham has to stop the interference. How he does that is up to the ham...he could reduce power, or use a directional antenna aimed away from the ISM device, or move to a different frequency, but if he can't stop the interference by such means, then he has to stop transmitting.

• If a user of a service above you on the list interferes with you, it's entirely your problem, not theirs. They have no obligation whatsoever to take any steps to reduce or eliminate their interference with you.

So here is the hack. Get some part 18 certified ISM device that is very sensitive to interference from wifi--so sensitive that it is pretty much impossible to operate wifi near it without interfering--and operate it on site. Now anyone who fires up wifi will interfere, and you can ask them to stop and if they do not they are violating FCC regulations.

[unsignedint]

I think you have #2 and #3 backward. ISM is unlicensed and can't cause interferences to ANY licensed radio services, that's including amateur radio users.

[tzs]

I checked the regs, and looks like they may be effectively on the same level.

47 CFR 97.301 says that the sharing requirements for hams in 2.390-2.450 GHz are given by 97.303(d), (e), and (p).

97.303(e) says: "Amateur stations receiving in the 33 cm band, the 2400-2450 MHz segment, the 5.725-5.875 GHz segment, the 1.2 cm band, the 2.5 mm band, or the 244-246 GHz segment must accept interference from industrial, scientific, and medical (ISM) equipment".

So, hams must accept interference from ISM in that band, which would put hams equal or below ISM on my list...BUT I cannot find anything that says hams must not interfere with ISM, which would indicate hams should be equal or above ISM.

[unsignedint]

The one thing about ISM is that a lot of those are actually transmitting only; for instance, microwave oven. The fact that amateur radio service needs accept interference from ISM equipments just indicates the fact that hams can't report instances of interferences to FCC (as long as such devices are operating under proper conditions as described under Part 18) and unlicensed services usually receive very little protection, if at all, from interferences caused by licensed services.

[RogerL]

Blocking wifi is illegal absent security issues:

https://www.fcc.gov/document/warning-wi-fi-blocking-prohibit...

It doesn't matter if you own the land. Land ownership does not confer rights to the airwaves, the air space, and often things like mineral rights.

[lstamour]

Not sure. If someone has a cell phone and needs to call 911, would you be held liable for their inability to make that call?

[intrasight]

I've always worked on the assumption that it is within my right to build my private facility out of copper if I choose, and the fact that your cell phone doesn't work in my facility is your problem not mine. I am not "jamming" any signals. I would be interested to hear counter-arguments from those familiar with the FCC rules on this matter.

[sliverstorm]

Maybe if intent to jam wireless could be demonstrated, but there are no codes I know of that require a certain level of permittivity in a building, and indeed many buildings all but squash signals- and that is the user's problem.

[meepmorp]

> If someone has a cell phone and needs to call 911, would you be held liable for their inability to make that call?

I've been in plenty of buildings with terrible-to-nonexistent cell reception. I somehow doubt that they'd be held liable if I wasn't able to get reception to make a 911 call. I can't see that the large Faraday cage example is appreciably different.

[RogerL]

The FCC begs to differ: https://www.fcc.gov/document/warning-wi-fi-blocking-prohibit...

[anigbrowl]

No it doesn't. That ruling is about the illegality of deploying a wi-fi protocol that's meant to interfere with other communication.

A purely passive barrier to electronic signals is a completely different thing. There are no rules against Faraday cages, and the FCC is perfectly aware of them and what they are for; it OKs the use of Faraday cages for use with experimental radio technology that would otherwise require a special permit.

[radisb]

So it is illegal. So basically I am not free to block hot spots in my own area if I use it for public access, which essentially amounts to "Even if you own an area, whenever it is publicly accessible, you do not own its 'air'". I find it a bit too restrictive.

[PhasmaFelis]

A lot of people want land ownership to mean that they have absolute dictatorial power over everyone and everything on their land. We, as a society, have decided that this is silly, and that most crimes outside your land remain crimes inside your land. I can't really disagree.

[radisb]

I dont know, but it's my property and it seems logical that as long as they know they cant make that call, the decision is theirs and so is the liability.

[grecy]

I've always wanted to open a bar where cell phone and wifi signals are blocked.

I'd put big signs up announcing that fact, and it would be awesome to see the kinds of people that actively want to hangout where cell phones don't work.

[vinceguidry]

You could do that. Just ask people who you see using cell phones and laptops to leave. You don't have to resort to violating federal law.

[brianwawok]

I mean the retro bars in Chicago ban cells. I am sure the west coast has some too.

[mmanfrin]

Difficulty in enforcing a prohibition is not an argument against the prohibition itself.