Can We Sniff Wi-Fi?: Implications of Joffe v. Google

Author

Garfinkel, Simson L. ; McCarrin, Michael

Volume

12

Issue

4

fYear

2014

fDate

July-Aug. 2014

Firstpage

22

Lastpage

28

Abstract

On 27 December 2013, the US Court of Appeals for the Ninth Circuit issued an opinion that intercepting data from unencrypted wireless local area networks - Wi-Fi sniffing - can violate the US Wiretap Act. The case centers on a Wi-Fi sniffer that was present in Google Street View vehicles that roamed the US between 2008 and 2010 and that were permanently recording every unencrypted Wi-Fi frame that they intercepted. Although the Wiretap Act has a broad exemption for intercepting radio communications that are generally accessible to the public, the Court ruled that Wi-Fi is not a radio communication. The ruling, if it stands, will significantly impact computer security education, in which Wi-Fi sniffing is a common student exercise; security practitioners, who frequently sniff for security assessments; and computer security research, which has traditionally used collection in the wild as a way of finding vulnerabilities.

Keywords

computer network security; computer science education; law; wireless LAN; Google Street View vehicles; US wiretap act; Wi-Fi sniffing; computer security education; radio communications interception; student exercise; unencrypted Wi-Fi frame; unencrypted wireless local area networks; Communication system security; Computer security; Cryptography; Google; IEEE 802.11 Standards; IEEE 802.11 standards; Legal aspects; Surveillance; Wireless communication; 802.11; ECPA; Electronic Communications Privacy Act; Joffe v. Google; Wi-Fi; privacy; surveillance;

fLanguage

English

Journal_Title

Security & Privacy, IEEE

Publisher

ieee

ISSN

1540-7993

Type

jour

DOI

10.1109/MSP.2014.64

Filename

6876254