Wardriving for wireless LANs 2

Owen Lewis oml at sysrx.uk.com
Sat, 1 Jun 2002 14:27:31 +0100


> -----Original Message-----
> From: ukcrypto-admin@chiark.greenend.org.uk
> [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of Quentin
> Campbell
> Sent: 31 May 2002 09:38
> To: ukcrypto@chiark.greenend.org.uk
> Subject: RE: Wardriving for wireless LANs 2
>
>
> > -----Original Message-----
> > From: Roland Perry [mailto:roland@linx.net]
> > Sent: 30 May 2002 11:49
> > To: ukcrypto@chiark.greenend.org.uk
> > Subject: Re: Wardriving for wireless LANs 2
> >
> >
> > In message
> > <BB3AF5C4A607FE4E969AA39CB42B6C7B7797@bond.campus.ncl.ac.uk>,
> > Quentin Campbell <Q.G.Campbell@newcastle.ac.uk> writes
> > >IANAL but it seems that a so called "war drive" without the
> > appropriate
> > >licence would in most cases be an offence under S5 of the Wireless
> > >Telegraphy Act 1949.
> >
> > If that's all about unauthorised reception [sorry, don't have
> > Act to hand] then how does that square with the beacon
> > broadcasts that are being picked up being an intentional
> > aspect of the WaveLAN specification?
>
> Roland
>
> That is an interesting question and I would like to be able to answer it
> but I cannot. I raised the issue of the WT Act because I have related
> questions which I would like answered, one of which I touch on in the
> commentary below (to do with Amateur Radio Licences).
>
> If anyone can help clarify the implications of the WT Act and subsequent
> regulations I would welcome it.

IANAL but it seems to me that wardriving WLAN may be a (doubtless
unintended) hole in the legislation.

Let's begin at the beginning. The grandfather legislation is the Wireless
Telegraphy Act 1949. When I was a lad, this was invariably interpreted as
allowing the public to tune a receiver to any frequency they could but,
having done so, they were bound under penalty in law not to disclose or
otherwise use any information they might have acquired thereby.

In the 1990s the courts (I have little doubt acting in response to govt
urgings) re-interpreted the meaning of the old act to make it an offence to
tune a receiver to any frequency not assigned for public use. Thus it became
a criminal offence to tune a receiver to any frequency outside of those
especially designated for public use (e.g. public broadcast, met broadcast,
ham bands etc). Case law has established that being in possession of a
receiver with non-public use frequencies set into its memories is sufficient
evidence to obtain a conviction for an offence under WTA 49. (No I don't
have the case reference(s) but some kind lawyer may be able to help).

The reasons for this sea-change are doubtless varied but would include the
following:

	-	The explosion in the use of hand-held scanning receivers by criminals to
monitor activity on the local police nets.

	-	The regular kibitzing by journos of politicians' calls on the old
TACS/ETACS cellphone system.

	-	To conform with practices already established in the major states of
continental Europe.


WLAN operates (for now) in the 2.4 GHz ISM band. This band is used by a wide
range of radio systems in addition to IEEE 802.11 systems. No licence is
required to operate in this band and most equipment is unregulated also.
Users of the band must accept interference as they find it.

WLAN deconflicts its comms from other users along the following lines.

	-	The system is frequency hopping, using (by govt requirement, I
understand) 80 channels only and with a fixed algorithm determining the
channel hop sequence.

	-	EDC orders the retransmission of any packet not correctly received.

As WLAN splatters its momentary communication across the whole ISM band, it
is impossible to use the band and not be constantly receiving parts of other
people's communications. However, one may be unaware of this unless the
density of WLANs is particularly high.

The truth seems to be that the current interpretation of the law is
illogical and creates many anomalous situations. This leaves the police in
the position where they refer the activity of A for prosecution but choose
to ignore similar activity by B. The law allows for no 'harmless' or
'justifiable' exceptions - see the Radio Communications Agency's web site.

I don't need to point out the reasons why such a position is thoroughly bad
and ill thought through.

The bottom line is that it is the relatively recent re-interpretation of the
meaning of WTA 49 in the lower courts that has made an ass of this law. It's
a mess. The Crown knows it's a mess. At some point, matters will be tidied
up but - you may rely upon it - that tidy up will not obtain a return to the
status quo ante but yet a further tier of unnecessary regulation and
licensing.

For the meantime and perhaps forever, those who boldly go to parts of the
spectrum not assigned for public use do so at the risk of a criminal record.

Reductio ad Absurdum:-

Since light is but a small part of the continuum of radiated electromagnetic
energy by the modulation of which information is transmitted over distance
by wireless means, it seems that one's eyes may be possessed without a
licence but unlicensed use of them will lead to their confiscation and a
fine and criminal conviction for their erstwhile owner. For the present,
govt only arrogates to itself 'control' of the spectrum up to 105 GHz, I
know, but I freely make UKG a present of this wonderful revenue-raising
idea. It requires but the lobby fodder of a poodle parliament to do as they
are so well accustomed.

Now, to return to the topic....

The 2.4 - 2.5 GHz band is assigned for general, unlicensed, use by the
public. That (IANAL caveat) should be sufficient to prevent any prosecution
being brought for the reception, deliberate or otherwise, of whole or
fragmentary communications transmitted in that band.

Owen