[jiggy2011]

My point is that it's usually down to the ISP or whoever provides to router to make it secure. From what I have observed WEP routers are very rare in the wild so it would seem that they are doing their diligence here.

I'm also not sure how far ignorance goes as an excuse although this could well depend on whether we are talking about civil or criminal law. For example in pretty much any country there are literally thousands of laws that you are expected not to break. I doubt even veteran lawyers know all of these down to the letter , yet if I am charged with one of them that I have no knowledge of I cannot get away with saying that I didn't know it existed. In theory I guess it could be argued that you should never do anything without first consulting a legal professional.

Possibly a lawyer could say to grandma "If you didn't know anything about routers or Java updates, why didn't you hire an IT expert to configure your computer for you?"

[smokeyj]

> My point is that it's usually down to the ISP or whoever provides to router to make it secure.

Which ISP configures wifi routers? And I always see unsecured connections from default routers. Don't tell me you're never connected to the unsecured "Linksys" network..

[jiggy2011]

Most ISPs in the UK do. Personally I use my own router but I have helped friends set up their connections.

Usually what happens is that they send a box with a router + modem + filters etc and instructions as to how to plug it all together.

They also give you a piece of paper telling you the SSID and key with strict instructions not to tell it to anybody.

I imagine the router also calls home at a regular interval and downloads updates automatically, so if there is a security issue it should be rectified relatively quickly.

[dmoo]

Eircom, the largest teleco in Ireland shipped routers for ages where the wep key was easily derived from the ssid. There are 3 of these on the street where I live.

[smokeyj]

Is it a crime to plug in a default router in the UK?

[jiggy2011]

Not sure what is meant by a "default router". AFAIK you can plug in any router you like without committing a crime, but if somebody believes that they suffered as a result of you choosing an unsecured router they might have grounds to take a civil case against you.

As far as I can tell in my googling none of these negligence claims so far have been successful but there has been no clear judgement on this matter to be sure one way or another what might happen in future cases. Also bare in mind that these judgements might differ between jurisdictions.

I simply think that saying "open up your wifi, now you're no longer liable for anything that happens on your internet connection!" is very dangerous advice to be spreading.

[smokeyj]

> Not sure what is meant by a "default router".

Default settings. Many wifi routers work just by plugging in ethernet.

> I simply think that saying "open up your wifi

I'm not suggesting anything besides grandma isn't her IP. I don't see why that's confusing.

[petitmiam]

This is the same in Australia. I went round to a friends house to help secure their router, only to find it was already done by default.