If you're interesting in ensuring that you do so with appropriate legality, then your best avenue would be to get the permission of the WAP owner--tell them that you're doing research on wifi, that you wanted to get their permission before doing so, and that you're sensitive to privacy etc. You're going to get a lot of "no" answers. Proper social engineering/salesmanship will mitigate some of these if you present it as something of value to the WAP owner--"free site survey to help you increase your security" (provided you follow through with at least some documentation derived from your pcaps) or "it's for a study" might get you some better responses. But yeah--get (written!) permission from the WAP owner and you're likely to be entirely in the clear. N.b. I am not a lawyer; this isn't legal advice; this is just a practical interpretation from my individual perspective. Your mileage may vary; void where prohibited. --ER On 09/08/2014 09:37 AM, Bryan Bickford wrote: > Greetings, > > I am starting some wifi research and had questions about the legality of > listening to unencrypted, public wifi data and publishing subsequent > research. > > From what I understand, the wiretap act prohibits listening to > communications that were not configured to be readily accessible to the > general public. Specifically: > > ...permits "any person" to intercept an electronic communication made > through a system "that is configured so that . . . [the] communication is > readily accessible to the general public." > > I have seen debates about whether an unencrypted access point (e.g. > starbucks) qualifies under this exception. Is there any concrete legal > precedent that defines this either way? > > The only one I can think of is the google street view case, and they lost. > http://epic.org/privacy/streetview/ > > From a technical viewpoint, you are just reading unencrypted radio waves. I > see no technical reason that it's any different than listening to an FM > radio station. > > Anyone else have more insight/experience? > > _______________________________________________ > Sent through the Full Disclosure mailing list > http://nmap.org/mailman/listinfo/fulldisclosure > Web Archives & RSS: http://seclists.org/fulldisclosure/ > -- Talk to me securely: https://emailselfdefense.fsf.org/en/ View my public signature: https://keybase.io/munin EBCF7076FE79669584934664B7A07729C6AA699A
Attachment:
0xC6AA699A.asc
Description: application/pgp-keys
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/