by Someone1234 3961 days ago
Indeed jamming is illegal. Anti-rogue AP tech' is a grey area.

It doesn't jam the spectrum in the traditional sense. Instead it transmits packets telling the AP and client to disconnect from one another for WiFi networks it doesn't "own." That within itself isn't technically "jamming" and is also likely legal in some cases.

The whole point of the tech is: If you own a network called "CorpWiFi," someone can come along, set up their own AP, and call their WiFi "CorpWiFi" to try and trick clients into connecting to it with the goal of stealing information. Cisco's anti-rogue AP tech attacks these hotspots and causes continuous disconnects. That is likely legal.

What is not legal is using this same tech' to disconnect ALL WiFi hotspots within range. So instead of using it to go after "CorpWiFi" you also disconnect "MyWiFi" and "FreeWiFi" which are networks you don't run. That's what has got these guys into trouble.

The technology itself is legal. Using the technology in the US is also legal in some cases. Using it to effectively corner the market for WiFi in certain areas is illegal.


I don't see how anti-rogue AP tech can be legal either unless it is within the confines of your own property. Where WiFi jamming is technically also legal if it does not affect any external party.

What gives you, company xyz, the right to essentially DoS an AP just because they share the SSID? Just because you call something CorpWiFi, doesn't really make it legal to DoS someone else's SSID that is also called CorpWiFi. There does not seem to be any kind of legal framework that would allow you to do so, but inversely, you are essentially then not only committing multiple types of crimes, but you are also violating free speech.

I get the reason, but the solution really needs to be something else, even if that something else is some sort of change to the WIFI spec and inclusion of some kind of authentication or security layer.

> you are also violating free speech

Of course, since the example you described is an interaction between two private parties, there is no legal notion of free speech to violate.

The airwaves are considered a public space so it's not two private parties and the rules are different. (You can't just use air raid sirens to disrupt a public protest.) However, at a minimum you are likely to run into issues with the computer fraud and abuse act because you're interfering with two other parties, and that has rather stiff penalties.

PS: Random noise is one thing; hacking someone’s Wi-Fi even using such a simplistic approach is very different.

It's two private parties acting in a public space. It may still be illegal to interfere, but the first amendment protects you from the government, not from other individuals.

> You can't just use air raid sirens to disrupt a public protest

I'm not 100% up on my civil rights/protest law, but if you are a private party, I suspect you could. It is, for example, 100% legal to surround a protest with other people holding sheets to block them & their signs from view.

https://en.wikipedia.org/wiki/Disturbing_the_peace

This can include creating loud noise

Of note: A violation of a noise ordinance is in most jurisdictions not considered a disturbance of the peace unless the perpetrator has disregarded an affirmative request that he or she reduce the noise to a reasonable level. However, that would be implied in the air raid siren case.

Anyway, I agree it's not the 4th that's the issue. But, it's still unlawful conduct.

Ok, maybe no air raid sirens. But you could talk over them, which is a bit more analogous to what was done here :)

> Where WiFi jamming is technically also legal if it does not affect any external party.

I'll concede the possibility that my understanding is incorrect but jamming is flat out illegal (for non-government entities). It's illegal to even sell jamming devices. I remember a few years ago, the FCC started threatening movie theaters that had been jamming cell phones.

What is the legal definition of a jamming device? The wifi jamming being discussed does not interfere with any existing radio communications, it adds extra packets of data that the client device interprets. The original signal is fine, it's just not usable in a practical sense.

Broadcasting white noise on wifi frequencies to drown out communications is the sort of jamming that is clearly illegal, this likely isn't jamming under current laws.

There was also a guy in Florida who went to jail because he ran a jammer in his car during his work commute so people wouldn't text and drive around him.
I am not 100% sure, but I think if you are jamming signals on your own, personal, private property and the jamming does not extend past your boundaries, it might be legal. But that is an edge case that really doesn't apply in the vast majority of situations. The rule of thumb would essentially be that if you are jamming someone's signal outside of the strict boundaries of your personal, private property you are doing so illegally.
Especially in public gathering business, when you are subleasing some part of the attraction (alcohol, wifi) there are provisions in the contracts to ensure the provider is the only one providing the service. That's why it is usually illegal to bring your own alcohol to a festival. In this case they could argue to have acted in good faith according to the contract. Should the wifi provider/venue operator first block all APs and then accept rebuttals that it is for personal use, or attempt investigations if given AP is for sale?
Illegal contract provisions are not enforceable. I can sign a contract saying you can jam my wifi, I can sign a contract saying you can kill me and serve me as the main course at the banquet, but you're still not actually allowed to do those things.
According to their response, it was within the bounds of their (leased) property. Not saying that makes it right, but FYI.
Yeah, still doesn't give them legal claim to 'This Wifi SSID'. Also, there are trespass statutes for people behaving as you don't wish within private property.

"Within the bounds" - so their walls are RF shielded, then?

> Yeah, still doesn't give them legal claim to 'This Wifi SSID'

Nobody has a legal claim to any wifi SSID. They don't have an exclusive claim to the conference SSID, and you don't have a legal claim to your hotspot's SSID (the one that's actually at issue here). Conflicts can occur, and the law has nothing to say about them.

> Also, there are trespass statutes for people behaving as you don't wish within private property.

Yes, there are, but it's not the FCC's role to enforce those particular statutes (nor should it be). The real question is whether the FCC should be unilaterally setting policy regarding interference at the MAC level where things like de-auth packets come into play. That's being discussed in another sub-thread, so I won't repeat the points here.

> "Within the bounds" - so their walls are RF shielded, then?

No more than the average corporate HQ, but there seems to be a consensus here that doing the same thing in that context would be A-OK. Why the different treatment for two situations that are equal under the law?

Right. They don't. But they seem to think they can send de-auth packets that effectively say to third parties, "I am going to disconnect you from this network". That is at the least -implicitly- saying "I am claiming this SSID, and I am willing to use power/technology/tools to enforce this, whether you like it or not, whether I have the right to or not".

I never said the FCC was involved in enforcing trespass statutes. If there are people on your private property behaving in a way you deem unacceptable (even if legal), then the solution is to remove them from your property, not for you to illegally interfere with the use of the spectrum. That's vigilantism.

The Corp HQ example seems to work because there are clauses that surround intentional deception and the risk to security that could come there-from. When CorpHQSSID access points de-auth packets to an unauthorized access point using the same SSID.

That -wasn't- what was happening here. The convention center was saying "I don't care what your use of the wireless spectrum is, your hotspot, whatever, I'm going to interfere with it so that my SSID is the only one usable (oh, enter your credit card number here)".

Your contortion of logic, willful and disingenuous ignorance of contradictions and interpretations don't change these facts. The issue was discussed many times, many lawyers were involved, and the outcome was decided - whether you think it should be or not (your perfect right), it -is- illegal.

You know if a private individual was disrupting a corporation's WiFi he'd be put in prison, right? People got sued for just using WiFis without permission, not even by the owners, but by the government.
> Cisco's anti-rogue AP tech attacks these hotspots and causes continuous disconnects. That is likely legal.

Why would it be legal to order your computing device to disrupt someone else's computing services?

Just for reference here, under US Federal law:

> knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;

> the term “damage” means any impairment to the integrity or availability of data, a program, a system, or information;

A protected computer is any computer connected to the internet.

Taking any action to impair the availability of data, a program, or a system to any computer connected to the internet is a felony in the United States.

That's the Computer Fraud and Abuse act -- not the FCC's domain of wireless spectrum.
You're right! It is also a crime under the FCC laws. If you manage to interfere with internet-connected computers, using radio communication, you're breaking multiple laws at once. Better hope you have a good lawyer.
You could make an argument that if they set the SSID to CorpWiFi that they have joined the CorpWiFi network, and it's perfectly okay for other parts of that network to decide what connects to what.

There's probably a way to use the CFAA against someone setting up a fake AP, too.

>The whole point of the tech is: If you own a network called "CorpWiFi," someone can come along, set up their own AP, and call their WiFi "CorpWiFi" to try and trick clients into connecting to it with the goal of stealing information.

Then contact law enforcement. Building out some vigilante feature into AP's is completely asinine. This is like me seeing someone speed on the expressway and trying to pull them over myself. Of course, we'll abuse that power if given to us!

The FCC needs to up its game. Either allow us to do whatever the hell we want or stop the bad guys. You either have police or you don't. This middle ground of outsourcing enforcement to Cisco and Aruba and other deep pocketed enterprise players was, predictably, abused by terrible corporate citizens and puts home users at a disadvantage as their equipment doesn't have these features.

Or heaven forbid the FCC get off the big donors/money train and strongarm some spectrum so we have more for wifi in the ISM band. How much spectrum is wasted right now on analog radio or other dinosaur services that can be downsampled into bandwidth efficient digital transmissions? It's incredible we have so few bands for our most used infrastructure. Hell, give us channel 14 at least. Figure out a safe way to do this here. We're dying for spectrum yet deep pocketed players buy all they need (mobile networks, clear channel, etc). That's the core problem here and until we get more wifi spectrum, these shenanigans will continue in one form or another. Smart City isn't knocking you offline because you're some kind of wifi pirate, they're doing it because they want to hog the limited spectrum for their convention customers.

If pirating ssid's were a real problem, we'd all be proposing an ssl-cert like system to verify identities or at least some kind of web of trust to avoid rogue AP's. But it's not, it's a complete red herring. The real issue is the stingy amount of spectrum allocated to us.

>Then contact law enforcement. Building out some vigilante feature into AP's is completely asinine. This is like me seeing someone speed on the expressway and trying to pull them over myself. Of course, we'll abuse that power if given to us!

No, it's like any corporation's private security asking you to leave. (Which they absolutely will.)

Except you don't have property rights over the radio spectrum, unless you licensed it from FCC. It doesn't matter that it's your physical territory - the radio spectrum belongs to FCC and them alone.

Similarly, you don't have any rights over the airspace above your land - the FAA does.

Use of unlicensed radio spectrum requires that you accept any interference caused by others.
so would jamming also count as "interference caused by others"?
Well, yes, but in addition to agreeing to accept interference users of this spectrum also are not allowed to cause interference, so this isn't a good defense strategy for those who would jam you.

https://en.wikipedia.org/wiki/Title_47_CFR_Part_15 (see: subpart .5)

These companies have enough lobbying dollars to make LE care. LE cares about me pirating Hollywood movies, doesn't it? That didn't just magically happen on its own.