Piggybacking (internet access)
"Piggybacking" is a term used to refer to access of a wireless internet connection by bringing one's own
computerwithin the range of another's wireless connection, and using that service without the subscriber's explicit permission or knowledge. It is a legally and ethically controversial practice, with laws that vary in jurisdictions around the world. While completely outlawed in some jurisdictions, it is permitted in others.
A customer of a business providing hotspot service, such as a
hotelor cafe, is generally not considered to be piggybacking, though non-customers or those outside the premises may be. Many such locations provide wireless Internet access as a courtesy to their patrons, either with or without an extra charge, or simply to draw people to the area. [Cite news
last = Yi
first = Matthew
title = Wi-Fi hits the spot
work = San Francisco Chronicle
accessdate = 2007-09-03
url = http://sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2003/08/25/BU213993.DTL&type=business]
Piggybacking is distinct from
wardriving, which involves only logging or mapping of access points' existence.
Piggybacking has become a widespread practice in the 21st century due to the advent of wireless internet connections and
wireless routers. Computer users either who do not have their own connections or who are outside the range of their own might find someone else's by wardrivingor luck and use that one.
However, those residing near a hotspot or another residence with the service have been found to have the ability to piggyback off such connections without patronizing these businesses, which has led to more controversy. While some may be in reach from their own home or nearby, others may be able to do so from the parking lot of such an establishment, from another business that generally tolerates the user's presence, or from the public domain. Others, especially those living in
apartments or town houses, may find themselves able to use a neighbor's connection.
WiFi-hotspots (unsecured and secured) have been (to some degree) already been recorded with GPS-coordinates. Sites such as [http://www.wigle.net/ Wigle.net] and [http://www.wifimaps.com/ WifiMaps] provide this information.
Reasons for piggybacking
There are many reasons why internet users piggyback on other's networks.
For some, the cost of internet service is a factor. Many computer owners who cannot afford a monthly subscription to an internet service, who only use it occasionally, or who otherwise wish to save money and avoid paying, will routinely piggyback from a neighbor or a nearby business, or visit a location providing this service without being a paying customer. If the business is large and frequented by many people, this may go largely unnoticed.
Yet other piggybackers are regular subscribers to their own service, but are away from home when they wish to gain internet access, and do not have their own connection available at all or at an agreeable cost.
Often, a user will access a network completely by accident, as the network access points and computer's wireless cards and software are designed to connect easily by default. This is common when away from home or when the user's own network is not behaving correctly. Such users are often unaware that they are piggybacking, and the subscriber has not noticed. Regardless, piggybacking is difficult to detect unless the user can be viewed by others using a computer under suspicious circumstances.
Less often, it is used as a means of hiding illegal activities, such as downloading child
pornographyor engaging in identity theft. This is one main reason for controversy.
Network owners leave their networks unsecured for a variety of reasons. They may desire to share their Internet access with their neighbors or the general public, or may be intimidated by the knowledge and effort required to secure their network while making it available to their own laptops. Some wireless networking devices may not support the latest security mechanisms and users must therefore leave their network unsecured. For example the
Nintendo DScan only access wireless routers using the discredited WEP standard. Given the rarity of such cases where hosts have been held liable for the activities of piggybackers, they may be unaware or unconcerned about the risks they incur by not securing their network, or of a need of an option to protect their network.
Views on the ethics of piggybacking vary widely. Many support the practice, stating it is harmless, and that it benefits the piggybacker at no expense to others, while others criticize it with terms like "leeching", "mooching", or "freeloading". A variety of analogies are made in public discussions to relate the practice to more familiar situations. Advocates compare the practice to:
* Sitting behind another passenger on a
train, and reading their newspaperover their shoulder. [cite web
last = Marriott
first = Michel
title = Hey Neighbor, Stop Piggybacking on My Wireless
The New York Times
url = http://www.nytimes.com/2006/03/05/technology/05wireless.html?ex=1299214800&en=de3c127408552e0a&ei=5089
accessdate = 2007-04-09]
* Enjoying the music a neighbor is playing in their backyard.
* Using a
* Sitting in a chair put in a public place.
* Reading from the light of a porch light or streetlamp.
* Eating another's leftovers abandoned at a restaurant.
Opponents to piggybacking compare the practice to:
* Entering a home just because the door is unlocked
* Hanging on the outside of a bus to obtain a free ride.
* Connecting one's own wire to a neighbor's house to obtain free
cable TVservice when the neighbor is a subscriber.
The piggybacker is using the connection paid for by another without paying them compensation. This is especially of concern in an apartment complex where many residents live within the normal range of a single wireless connection. Some residents are able to gain free internet access while others pay. Many ISPs charge monthly rates, however, so there is no difference in cost to the network owner.
Excessive piggybacking may slow down the host's connection, with the host typically unaware of the reason for the reduction of speed. This is more of a problem where a larger number of persons are engaging in this practice, such as in an apartment or near a business.
The piggybacker has the ability to engage in illegal activity, such as identity theft or child pornography, without much of a trail to their own identity, leaving the network owner a subject of investigation for a crime s/he did not commit or have any involvement in. While most persons engaging in piggybacking are generally honest citizens, a smaller number are breaking the law in this manner, making the discovery of their identity difficult or impossible for investigators.
Most access points, when using default settings, are configured to provide wireless access to all who request it. Some argue that those who set up access points without adding security measures are offering their connection to the community. Many people intentionally leave their networks open to allow neighbors casual access, with some joining
wireless community networks, to share bandwidth freely. It has largely become etiquette to leave access points open for others to use, just as someone expects to find open access points while on the road. Jeffrey L. Seglin, ethicistfor the New York Times, recommends notifying the network owner if they are identifiable, but says there is nothing inherently wrong with accessing an open network and using the connection. "The responsibility for deciding whether others should be able to tap into a given access belongs squarely on the shoulders of those setting up the original connection." [Cite news
last = Seglin
first = Jeffrey L.
title = If Internet connection is open, feel free to use it
The Columbus Dispatch
accessdate = 2007-09-03
url = http://www.dispatch.com/live/contentbe/dispatch/2006/02/26/20060226-H2-03.html]
Randy Cohen, author of "The Ethicist" column for The New York Times Magazineand National Public Radio, says that one should attempt to contact the owner of a regularly-used network, and offer to contribute to the cost. But he points out that network owners can easily password protect their networks, and quotes attorney Mike Godwin, concluding that open networks likely represent indifference on the part of the network owner, and accessing them is morally acceptable, if not abused. [Cite news
last = Cohen
first = Randy
title = Wi-Fi Fairness
The New York Times
accessdate = 2007-09-03
url = http://query.nytimes.com/gst/fullpage.html?res=9C05EEDD123BF93BA35751C0A9629C8B63] [Cite episode
National Public Radio
credits = Randy Cohen (Director), Jennifer Ludden (Director)
title = Stealing Thin Air
All Things Considered
accessdate = 2007-09-03
url = http://www.npr.org/templates/story/story.php?storyId=4604352]
Policy analystTimothy B. Lee writes in the International Herald Tribunethat the ubiquity of open wireless points is something to celebrate. He says that borrowing a neighbor's Wi-Fi is like sharing a cup of sugar, and leaving a network open is just being a good neighbor. [Cite news
last = Lee
first = Timothy B.
title = Wireless Internet: Hop on my bandwidth
International Herald Tribune
accessdate = 2007-09-03
url = http://www.iht.com/articles/2006/03/16/opinion/edlee.php]
Laws do not have the physical ability to prevent such action from occurring, and piggybacking may be practiced with negligible detection.
The owner of any wireless connection has the ability to block access from outsiders by engaging
wireless LAN securitymeasures. This is not practiced by all owners, and some security measures are more effective than others. More security-conscious network operators may choose from a variety of security measures to limit access to their wireless network, including:
* Hobbyists, computer professionals and others who study
Wired Equivalent Privacy(WEP) can apply it to many Access Points without cumbersome setup, but it offers little in the way of practical security against similarly studious piggybackers. It is cryptographically very weak, so an access key can easily be cracked. Its use is often discouraged in favor of other more robust security measures, but many users feel that any security is better than none or are unaware of any other. In practice, this may simply mean your neighbors' non-WEP networks are more accessible targets. WEP is sometimes known to slow down network traffic in the sense that the WEP implementation causes extra packets to be transmitted across the network. Some claim that "Wired Equivalent Privacy" is a misnomer, but it generally fits because wired networks are not particularly secure either.
Wi-Fi Protected Access(WPA), as well as WPA2 and EAP are more secure than WEP but are not as widespread. Many Access Points will support WPA after a firmwareupdate.
MAC addressauthentication in combination with discretionary DHCP server settings allow a user to set up an "allowed MAC address" list. Under this type of security, the access point will only give an IP Addressto computers whose MAC address is on the list. Thus, the network administrator would obtain the valid MAC addresses from each of the potential clients in their network. Disadvantages to this method include the additional setup. This method does not protect data from being stolen (there is no encryption involved). Methods to defeat this type of security include MAC address spoofing, detailed on the MAC addresspage, whereby network traffic is observed, valid MACs are collected, and then used to obtain DHCP leases.
* IP security (IPsec) can be used to encrypt traffic between network nodes, reducing or eliminating the amount of
plain textinformation transmitted over the air. This security method addresses privacy concerns of wireless users, as it becomes much more difficult to observe their wireless activity. Difficulty of setting up IPsec is related to the brand of Access Point being used. Some access points may not offer IPsec at all, while others may require firmware updates before IPsec options are available. Methods to defeat this type of security are computationally intensive to the extent that they are infeasible using readily-available hardware, or they rely on social engineering to obtain information (keys, etc) about the IPsec installation.
VPNoptions such as tunnel-mode IPSecor OpenVPNcan be difficult to set up, but often provide the most flexible, extendable security, and as such are recommended for larger networks with many users.
Wireless intrusion detection systems can be used to detect the presence of rogue access points which expose a network to security breaches. Such systems are particularly of interest to large organizations with many employees.
RADIUScan be used on WRT54Grouter or similar not running the default firmware but firmware such as DD-WRT
Honeypot (computing)This involves setting up a computer on a network just to see who comes along and does something on the open access point.
There are several alternatives to the need to piggyback.
Internet access is available with data plans on many
smart phonesand PDAs. Although it may have browsing limitations compared with Internet access on a desktop or laptop computer, it can be accessed anywhere there is an adequately strong data signal in both directions (transmit and receive).Some mobile phoneservice providers offer Wi-Fi access via a data connection from a laptop to a mobile phone to subscribers for around $60/month. This allows the computer internet access anywhere there is a signal.
Some jurisdictions have been experimenting with state-wide, county-wide or
Municipal wireless networkaccess. Baltimore County, Marylandhas recently announced a plan to provide free Wi-Fi access throughout the entire county. [ [http://www.examiner.com/a-667352~Towson_gets_free_wireless_Internet.html Towson gets free wireless Internet - Examiner.com ] ] Currently, this service is being provided in the central business districtof the county's seat Towson, and is gradually being expanded through the remainder of the county. These pilot programs may result in similar services being provided nationwide.
Free internet access hotspots have also been opened by a wide range of organisations. They may be found at [http://www.free-hotspot.com/ Free-hotspots.com] .
FONis a wireless internet router-vending company that has a specific internet/network access sharing scheme which allows its users to share their internet access for free to FON-users. Non-FON-users can also link-up, at a small price. The idea is to create a global, free internet access system. [ [http://www.fon.com/en/info/whatsFon FON]
Local area network
Exposed terminal problem
Hidden terminal problem
Fixed Wireless Data
Evil twin phishing
* Cite journal
volume = 2
issue = 4
last = Kern
first = Benjamin D.
title = Whacking, Joyriding and War-Driving: Roaming Use of Wi-Fi and the Law
journal = CIPerati
accessdate = 2007-09-01
year = 2005
month = December
url = http://www.abanet.org/buslaw/committees/CL320010pub/newsletter/0009/
* Cite web
last = Adam
first = A K M
title = So Weirdly Wrong
work = AKMA's Random Thoughts
accessdate = 2007-09-03
url = http://akma.disseminary.org/archives/001518.html - An encounter in which a police officer tells a blogger he cannot use a public library's Internet access from a bench outside the library, and can't even use his laptop in the vicinity.
Wikimedia Foundation. 2010.
Look at other dictionaries:
Piggybacking — may refer to: Piggy back (transportation), something that is riding on the back of something else Piggybacking (security), when an authorized person allows (intentionally or unintentionally) others to pass through a secure door Splash cymbal… … Wikipedia
Legality of piggybacking — Laws regarding unauthorized access of a computer network exist in many locales, including the U.S. federal government, all 50 U.S. states, and other countries, though the wording and meaning differ from one to the next. However, the… … Wikipedia
Wi-Fi — For the radio station, see WIFI (AM). Wi Fi logo Wi Fi ( / … Wikipedia
Cracking of wireless networks — is the penetration of wireless networks. A wireless network can be penetrated in a number of ways. These ways vary greatly in the level of computer skill and commitment they require. Once within a network, a skilled hacker can modify software,… … Wikipedia
Wireless hacking — In security breaches, wireless hacking is the unauthorized use or penetration of a wireless network. A wireless network can be penetrated in a number of ways. There are methods ranging from those that demand a high level of technological skill… … Wikipedia
WarXing — WarXing, NetStumbling or WILDing [ [http://www.bawug.org WILDing] ] is the activity of detecting publicly accessible computer systems or (wireless) networks. The X may be replaced by a more specific activity to give the following… … Wikipedia
Hotspot (Wi-Fi) — A diagram showing a Wi Fi network A hotspot is a site that offers Internet access over a wireless local area network through the use of a router connected to a link to an Internet service provider. Hotspots typically use Wi Fi technology.… … Wikipedia
Wireless LAN security — One issue with corporate wireless networks in general, and WLANs in particular, involves the need for security. Many early access points could not discern whether or not a particular user had authorization to access the network. Although this… … Wikipedia
Municipal wireless network — (Municipal Wi Fi, Muni Wi Fi or Muni Fi) is the concept of turning an entire city into a Wireless Access Zone (WAZ), with the ultimate goal of making wireless access to the Internet a universal service. This is usually done by providing municipal … Wikipedia
Spyware — is a type of malware that can be installed on computers, and which collects small pieces of information about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect. Typically,… … Wikipedia