Legality of operating a "public" wifi network
-
My IP isn't me.
I hope that anyone who clings to the philosophy that IP = Person gets hacked and has their network used for nefarious purposes.
(Not that I in any way would condone such an act, but it would be an ironic lesson)
-
@vbman213
I don't have enough experience to give you guides lines on logs ….. maybe someone else here in the forum can help you.
I haven't had to play with Captive portal yet, but It may provide all the log details needed to pinpoint a perpetrator.
From what I have read and understood, you will need a separate server just to store all log data.
-
My take on this is:
1- If you don't have logs they can't demand logs. Also, just because someone wants a log doesn't mean they have a good reason to get a log but if you have that log they will probably get it anyway - deserved or not. Better not to have.
2 - Unless I woke up in another country today, I don't have to prove innocence, they have to prove guilt. With 200 users and no logs, its not provable.
-
My IP isn't me.
I hope that anyone who clings to the philosophy that IP = Person gets hacked and has their network used for nefarious purposes.
(Not that I in any way would condone such an act, but it would be an ironic lesson)
The way the law work now days is you are Guilty until proven Innocent …... Try defending yourself in Court without logs ....... When you setup a account with a ISP you are bound by there terms and conditions. Read your terms and conditions and report back ...... You will be rather surprised what liabilities fall on your shoulders as being THE Account Holder!
-
I actually worked with an attorney for a while. Once we had such a case. When I started talking the POSSIBILITY of open proxies, the concept of proving fingers on a keyboard etc and open wifi, they dropped the case on the condition I not show up to talk about any of that in respect to the others on their list. I'm not saying a person can't be railroaded, but we are not police and I don't think we should all be in the police business. If it were a case of just you at your home in the middle of nowhere, its still easily defensible but an apartment building? Seriously? If someone gets a warrant, they can come to the building in person and "tap" the router the way it should be.
Actually, on second though, get 4TB of hard drive and log everything.
Since there is now no big difference between here and China, I may as well go where the beer tastes better and nothing is ever closed. -
I actually worked with an attorney for a while. Once we had such a case. When I started talking the POSSIBILITY of open proxies, the concept of proving fingers on a keyboard etc and open wifi, they dropped the case on the condition I not show up to talk about any of that in respect to the others on their list. I'm not saying a person can't be railroaded, but we are not police and I don't think we should all be in the police business. If it were a case of just you at your home in the middle of nowhere, its still easily defensible but an apartment building? Seriously? If someone gets a warrant, they can come to the building in person and "tap" the router the way it should be.
Actually, on second though, get 4TB of hard drive and log everything.
Since there is now no big difference between here and China, I may as well go where the beer tastes better and nothing is ever closed.Since my local routers only have 32GB storage (SSD) and I minimize writes to disk by disabling the local syslogd and sending everything to a remote syslog server. I just enabled the log switch on my pass rules for the tenant network and I'm NOW collecting every "PASSED" packet that goes across the tenant network. I'm also logging portal auth and dhcpd. That should be enough to put together all of the puzzle pieces if I needed to.
-
I understand clearly and agree with your comments to a certain degree kejianshi, but it can depend on what Corporation or Government entity that is coming after you.
If its something serious or it could simply be to extort you financially. You can bet these crooked attorney will do it to make sure they can continue driving that Porsche 911.
Prosecutors don't care if its a innocent victim, attorneys just want your money.
The World of Law is Corrupt to the Core!
I would rather be on the safe side and have LOGS to make sure that I cant get steam rolled …. :)
If trouble arises I also think you should not make NO entity aware that you have logs ...... reason I say this is to test the ones making the accusations. This would help clue you in on who, what and if they are hostile.
-
I also have a network for a tenant but my logs are off except squid cache (which could be used somewhat as a log) but thats just for improved performance. Same way my IP camera is positioned to see my space and the kids space and to tilt and pan within that space but not my tenant’s space.
But I am considering lo-jacking the neighbour’s wife just for kicks. I might have a sudden need to prove her whereabouts just in case the husband asks me if we were together on X night.
-
@vbman213:
I would say Keeping traffic logs would keep you from being prosecuted. How far back your traffic logs should go is the question. I'm not so sure I would go by someones suggestion for this topic in a forum unless they can point you to local, state and federal laws governing open wifi networks for your area.
Would be best to consult a local company which specialized in open wifi networks or a attorney.
Michigan, United States
Also, what kind of logs are we talking about? Raw Firewall Logs?
Google "CALEA"
Check http://wiki.mikrotik.com/wiki/CALEA
-
I'm no fan of CALEA, but as I understand it, even CALEA has threshholds for required emplementation. Specifically number of users and type of service. I think this guy is too far below the radar to get forced into CALEA requirements, however that depends on how many people is "large wifi network for a nine building apartment complex". Technically speaking.
https://freedom-to-tinker.com/blog/felten/calea-ii-risks-of-wiretap-modifications-to-endpoints/
Another problem I have with logging, especially copious logging is that if a logging system is compromised, now the privacy of everyone included in the logs has been compromised.
CALEA compliant systems have been "hijacked" by criminals to invade the privacy of people and even to commit financial crimes.
