Mail for August 8, 2002

From: Cory Doctorow
Date: Tue, 13 Aug 2002 15:55:29 -0700
To: Cameron Barrett
Subject: Anonymity and WiFi

Hey, Cam. Saw your entry on allowing anonymous connectivity via open wireless networks. The Time-Warner position is seductive, and wrong. Operating an anonymous access-point is not illegal and doesn't create new liability for your ISP or for you. When you provide bandwidth to others (provided you do so within the AUP of your ISP), you are an ISP under the law. Two laws, the Communications Decency Act and the Digital Millennium Copyright Act, indemnify you from liability for the traffic that moves over your connection. This means that users who connect to your access point and utter death threats, traffick in child-porn, or illegally trade copyrighted works are not your responsibility.

Anonymous speech is enshrined in the First Amendment, and is not a whacky liberatarian idea. Anonymous connectivity is provided at libraries, Internet Cafes, at coin-open kiosks in airports and bus-stations, and elsewhere. Opening up your wireless AP doesn't make you irresponsible or liable, it makes you a good citizen of a functional democracy where whistle-blowers, embarassed VD-curious teens and dissidents can speak their minds without worry.

"As far as I'm concerned, anyone who leaves their wireless network open and unsecured is just asking for trouble, especially if you live in a metropolitan area. Identity thieves and other criminals who want anonymous access to the Internet are going to take full advantage of your generosity."

Sure -- and so will your friends and neighbors.

I don't object to your deciding, on your own, that you should have the right to decide under what circumstances you want to share your connectivity. But I do think that it's borderline FUD for you to tell others that opening up their WAPs to the public are "asking for trouble." I'm not asking for trouble with any of the four open APs I've operated in two cities for 36 months; I'm providing a community service, eyes open and both feet first.

"My wireless network at home has been closed and password-protected from Day 1. Not because I don't want my neighbors to use it, but because I don't want my information stolen and my privacy invaded."

You need to do better than that if you're worried about security. A wireless transport is inherently insecure; even 128-bit WEP keys can be trivially derived. That's why I use an SSH tunnel for my mail and SSL proxies for browsing, no matter what kind of network I'm on. I connect from hotels, from cafes, from airports, on wired and wireless connections, and I use a giant media-conglomerate ISP at home, and I don't trust *any* of 'em.

"How soon before spammers park themselves on a street corner and start using your wireless network to relay spam? How soon before criminals use stolen credit cards while on your network? It can all be traced back to you."

And it won't matter one whit when it is -- you're in a safe harbor.

Thanks a mil for the tipjar donations!

From: Lilly Tao
Subject: Gold Box Behavior

You wrote: "...while Amazon wins by promoting impulse buying, they are losing because I am reluctant to complete an order until my Gold Box contains something I want."

I laughed out loud at this because my behavior is completely opposite. I look at my Gold Box, see something I want, and then buy items off my wish list to get the free shipping! I thought that was the behavior they were promoting: getting people to purchase more stuff when they want a Gold Box item (like loss leaders at the grocery store). It seems you are being triggered in a similar, but opposing way.