From Newsgroup: alt.internet.wireless

On 28 Nov 2025 15:12:22 GMT, Frank Slootweg wrote:

There are two passwords: 1) The one to access the web UI of the modem/router and 2) the password for your WiFi network.

1) probably should be unique, but must not be unique, because it's
only accessed from your (hardwired or/and wireless) network.

2) is unique as shipped from / installed by the ISP, but as soon as
you change the SSID (your WiFi network name) it can be anything you
like, provided it matches the rules defined by the router and is
sufficiently secure.

I'm sure almost everyone knows the two credentials, but I'm not sure if the
OP is aware of the differences between them...

1. The admin "password" to the router is sometimes (often?) limited
to 8 characters (at least it is on some of my older Netgear routers)
and it may require uppercase,lowercase & funky characters (as my
Netgear routers require), so you're limited in your choices.

2. The SSID "passphrase" to the access point, can be 8?63 characters
for WPA2/WPA3, which can be resistant to brute-force attacks.

I suspect most people aren't aware of oublic rainblow hash tables, which
take advantage of the fact that WPA2 uses PBKDF2 (Password-Based Key
Derivation Function 2) with HMAC-SHA1 to stretch the passphrase into a
256-bit key. Butterfly hash tables also exist, which are a specialized structure that optimizes lookup and reduces memory usage compared to traditional rainbow tables.

They're only effective if the attacker can guess the SSID, because the SSID
is part of the salt in WPA2 key derivation. That's why you want your SSID
not to show up in a dictionary lookup, as then you have no AP security.

WPA3's SAE (Simultaneous Authentication of Equals) protocol makes those
tables obsolete, but for most of us, what all this means is we should
simply choose an SSID that isn't found in typical dictionary lookup tables.

Something like "gibberis_plus_more_gibberish_optout_nomap" for example.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.internet.wireless

On Fri, 28 Nov 2025 10:54:26 +0000, Andy Burns wrote:

wasbit wrote:

Hmmm! 19 replies & not a mention of bandwidth theft.

Amazed that any wifi router is set for no authentication ...

To that point, while I get my Internet for free from a WISP, I live on a mountain where I can see a city below of almost a million inhabitants, so
with any one of my many powerful Ubiquiti Rocket dishes, I can "see"
perhaps hundreds of access points, some of which are not secured.

Of course, the rooftop radio needs to have a very good sensitivity with low noise in my local environment (for a good SNR) to reliably receive weak
signals and of course the radio needs to be set to a very high power output with a narrow beamwidth (and channel width), but all that "can" be
accomplished if you felt like stealing someone else's bandwidth.

I don't do it, of course, for the obvious reasons, but my only point to
other is that a surprising amount of those appear to be unsecured.
--
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.internet.wireless

On Fri, 28 Nov 2025 17:56:28 +0000, Adrian Caspersz wrote:

BTW There is no point any more in hiding SSIDs that used to be
fashionable security advice. In fact if you do that then your portable device is forced to maintain a local list of recent contacted SSIDs and repeatedly calls out "Are You There?", which anyone can use for tracking
you when you are out and about.

Be careful.

This advice is perfectly correct for security.
But it's dead wrong for privacy.

See my previous post on how to set up your SSID & devices for privacy,
where not broadcasting the SSID has distinct and immediate privacy
advantages unknown to most people.

For security, most modern devices can set a random MAC address per SSID,
and almost all Android phones can optionally set that random MAC address to
be per connection. On iOS 14 and above, you can only set the random MAC
address per SSID, but not per connection (so yet again, security and
privacy on iOS is always less than that on Android).

Note: However, Adrian Caspersz is correct that if you set up your SSID to
not broadcast, which IMHO everyone should do, then if the device connecting
to it is a mobile device, then it's more private to set that mobile device
to not automatically connect (for reasons spelled out in my prior posts and which Adrian was well aware of).
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.internet.wireless

On Fri, 28 Nov 2025 18:40:35 -0000 (UTC), Marian wrote:

For security, most modern devices can set a random MAC address per SSID,
and almost all Android phones can optionally set that random MAC address to be per connection. On iOS 14 and above, you can only set the random MAC address per SSID, but not per connection (so yet again, security and
privacy on iOS is always less than that on Android).

Thinko...

For "privacy" (not security) you want to set a random MAC per SSID.

MAC randomization is primarily a privacy feature, not a security feature.

Implications?
1. Android is more private (as usual) than iOS because you have the
option of setting MAC randomizaton per SSID & per connection.
2. iOS is less private (as usual) than Android as you can only set
MAC randomization per SSID.
3. For Windows 10, it's like iOS in that it's only per SSID.
Settings > Network & Internet > Wi-Fi > Manage known networks
[Network] > Random hardware addresses.
4. For Windows 11, it's more like Android in that it can be per diem.
5. Also Windows can set randomization for all access points en masse.

In all cases, the MAC randomization feature is about privacy (reducing tracking), not security (preventing attacks).
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.internet.wireless

Frank Slootweg wrote:

Hmmm! 19 replies & not a mention of bandwidth theft.

It seems to be mostly a tale about semi-broken or half-functional kit.
Since the OP has his own paid Internet service, there is no
evidence of "100% leeching" going on, particularly. I bet the
OP could tighten up his settings a bit.

The OP knows he has connected to the neighbour's wifi but said nothing
about having permission.
Until clarified it is bandwidth theft.

micky's *computer* *accidentily* connected to his neighbour's WiFi:

<micky>
This morning I rebooted and on its own, it connected to the wifi of a neighbor, but not to my own wifi Hmmm after 30 minutes of using his,
it just switched to my wifi. But still not to the cable, which I
thought would take priority, plusd last night the Troubleshooter said my laptop's wifi was bad too, the one that hasn't worked since February. </micky>

So *instead of* connecting to his "cable" (wired LAN?) or WiFi, his *computer* (*not* micky) connected to his neighbour's WiFi.

Could he have disconnected the neighbour's WiFi in those 30 minutes?
Yes. Did he know how to do that? I don't know.

As to "bandwidth theft": I'm sure his accidental use, doesn't deserve
your harsh condemnation.

I'm surprised nobody but me mentioned the solution to the OP's problem set.

Only the router owner can disable SSID broadcast to make it invisible to all devices.
However, what the OP can do is put an "X" on the SSID icon by blocking connections.

You can't hide your neighbors' AP SSID from showing up, but you can block
the chance of accidental connection by running the "block" netsh command.
netsh wlan add filter permission=block ssid="NeighborSSID" networktype=infrastructure

I'm surprised I'm the only one on this newsgroup who seems to be aware of
this feature since it's the best solution possible to the OP's problem set.
@echo off
netsh wlan show filters
echo Blocking unwanted Wi-Fi networks...
REM Replace these with the SSIDs you want to hide
netsh wlan add filter permission=block ssid="NeighborSSID1" networktype=infrastructure
netsh wlan add filter permission=block ssid="NeighborSSID2" networktype=infrastructure
netsh wlan add filter permission=block ssid="NeighborSSID3" networktype=infrastructure
echo Done! The specified SSIDs are now blocked.
netsh wlan show filters
pause

I wish there was a way to hide from view your neighbors' AP's altogether.

What I do, for privacy (not for security), is I hide the broadcast of my home SSIDs.
That way, they're not uploaded to public servers by every mobile device passing by.

In addition, by hiding my SSID broadcast, my neighbors won't passively see them.

REFERENCES: https://learn.microsoft.com/en-us/answers/questions/1329103/block-and-hide-wifi-network
https://www.tenforums.com/tutorials/3562-add-remove-wireless-network-filter-windows-10-a.html
https://www.techbout.com/hide-block-wifi-networks-in-windows-10-38797/ https://www.howtogeek.com/331816/how-to-block-your-neighbors-wi-fi-network-from-appearing-on-windows/
https://www.thewindowsclub.com/allow-or-block-wifi-network-in-windows
--
The solution to every problem is easy when you're intelligent enough to seek the answer.


























--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.internet.wireless

Carlos E.R. wrote:

As to "bandwidth theft": I'm sure his accidental use, doesn't deserve
your harsh condemnation.

In my view, using an open WiFi is permitted.

I agree with both Carlos & Frank since I agree with anyone, no matter who
they are, if they post a reasonably sensibly logically stated view.

However... I just looked up US case law on this topic for the first time,
and while case law may well differ in Frank's & Carlos' location across the pond, I'm assuming the OP is in the United States whose law I looked up.

Below is a copied-and-pasted response from the references...

In the United States, using a neighbor's open Wi-Fi without permission is generally considered unauthorized access under federal and state law. Even
if the network is unsecured, courts have treated this as potentially
illegal. Case law and statutes (like the Computer Fraud and Abuse Act)
support that "piggybacking" on someone else's Wi-Fi can be prosecuted,
though enforcement is rare unless other crimes are involved.

Federal Law - Computer Fraud and Abuse Act (CFAA): The CFAA (18 U.S.C. Sec. 1030) makes it a crime to intentionally access a "protected computer"
without authorization. Courts have interpreted Wi-Fi routers and networks
as "protected computers." Thus, connecting to a neighbor's Wi-Fi without consent can fall under this statute.

Many states have their own computer crime statutes that prohibit
unauthorized access to networks. For example, Florida and Michigan have prosecuted individuals for unauthorized Wi-Fi use under state computer
crime laws.

Michigan (2007 - Compuware Building case): A man was arrested for
repeatedly using an open cafe Wi-Fi from his car. He was charged under Michigan's "Fraudulent Access to Computers, Computer Systems, and Computer Networks" law. The network had no password or permission screen, but prosecutors argued that "authorization" still requires the owner's consent.

Florida (2005 - Lakeland case): A man was fined for accessing a private
home's open Wi-Fi without permission. He was prosecuted under Florida's computer crime statute. Again, the network was unsecured - no password or login screen - but the court treated it as unauthorized use.

Illinois (2006 - Aurora case): A man was charged with "unauthorized use of
a computer network" for connecting to a resident's open Wi-Fi. The SSID was broadcast and unprotected, but the court found that lack of technical
barriers did not equal consent.

In California, using a neighbor's open Wi-Fi without permission is illegal under California Penal Code Sec. 502 (Unauthorized Computer Access and
Fraud). Even if the network is unsecured and has no permission screen,
courts treat this as "unauthorized access." Convictions can carry fines and
up to three years in prison.

California Penal Code Sec. 502 PC: Makes it a crime to "knowingly access
and without permission use, alter, or damage any computer, computer system,
or computer network." This statute explicitly covers Wi-Fi networks. Courts
in California have clarified that the absence of a password or permission screen does not imply authorization. Unauthorized use of an open Wi-Fi is still considered "stealing" internet service.

People v. Hawkins (California, 2009): A man was charged under Penal Code
Sec. 502 for accessing a neighbor's open Wi-Fi without permission. The
court held that "open" does not equal "public," and unauthorized use still counts as unlawful access.

San Jose Police Reports (2005-2007): Several arrests were made for
individuals "piggybacking" on open residential Wi-Fi. These were prosecuted under Sec. 502 PC, even though the networks had no passwords or permission screens.

If you own the router, then the best way to prevent this (and gain some privacy from mobile device uploads to public databases at the same time) is simply to hide AP broadcasts.

If you're the next-door neighbor, the best way on Windows to prevent connections to the neighbors' open access points is to "block them.

@echo off
netsh wlan show filters
echo Blocking unwanted Wi-Fi networks...
REM Replace these with the SSIDs you want to hide
netsh wlan add filter permission=block ssid="NeighborSSID1" networktype=infrastructure
netsh wlan add filter permission=block ssid="NeighborSSID2" networktype=infrastructure
netsh wlan add filter permission=block ssid="NeighborSSID3" networktype=infrastructure
echo Done! The specified SSIDs are now blocked.
netsh wlan show filters
pause


REFERENCES:
https://en.wikipedia.org/wiki/Legality_of_piggybacking https://www.nolo.com/legal-encyclopedia/stealing-wi-fi-your-neighbor-a-victimless-crime.html
https://www.findlaw.com/realestate/neighbors/neighbor-stealing-your-wi-fi-here-are-your-legal-options.html
https://www.shouselaw.com/ca/defense/penal-code/502/ https://www.egattorneys.com/stealing-wifi https://legalclarity.org/is-stealing-wi-fi-a-crime-the-laws-and-penalties/ https://hamiltonpawprint.com/is-it-illegal-to-use-someones-wi-fi-without-permission-the-legal-consequences-in-san-jose-ca/
--
Most people are intuitive so they make guesses without checking them;
but when they check their intuitive assumptions, they are often wrong.




















--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.internet.wireless

Carlos E.R. wrote:

Carlos was pointing out that some things will connect to any open wifi,
_without the user knowing_. That is not "taking advantage" - or if it
is, your opprobrium needs to be addressed to the makers of such
equipment, not the users.

Well, I don't use automatic wifi connect. I always look for my own
router's SSID. :)

I use automatic wifi connect, to known wifis. I have disabled connect to open wifis.

To add further technical value to this sub topic...

For those wishing to know more about this topic, most people have their
router Wi-Fi AP set to broadcast the SSID, which means it's uploaded to world-wide publicly accessible databases whether they like it or not.
a. The (unique) GPS location (of the phone uploading it) is uploaded
b. The signal strength (of the signal to the phone) is uploaded
c. The (unique) BSSID (MAC address) is uploaded - which is essentially you
d. The (normally non-unique) SSID is uploaded (with or without _nomap)

Every mobile device owned by ignorant/rude people is uploading that privacy
to the world-wide publicly accessible databases (which have been abused).

That means my mobile devices don't ever upload your privacy.
But your mobile device almost certainly tries to upload mine.

What I do to prevent the upload is I set my SSID to not broadcast.
a. This prevents a passive upload by rude/ignorant people.
I also opt out by adding _optout_ & _nomap to the SSID.
b. This (supposedly) removes my privacy information from the servers
In addition, I set the mobile device to not connect automatically.
c. This stops the mobile device from shouting out "are you there?"

In addition, due to the ubiquitous existence of WPA2 SSID-salted rainbow
hash tables (& reusable butterfly WPA2-handshake hashcat tables), I use a (hopefully) unique SSID (since it's the WPA2 encryption salt) in addition
to a (hopefully) non-dictionary passphrase (both of which are required to
stay out of those pre-computed and re-used cryptographic hash tables).
1. Rainbow tables: Precomputed WPA2 hash databases based on SSID
2. Butterfly hash tables: Optimization structures used in WPA2 cracking

Furthermore, iOS mobile devices can be set to randomize the MAC per SSID,
while Android mobile devices can be set to randomize the MAC per instance.

If you own a new'ish router, you can upgrade to WPA3, which replaces WPA2's vulnerable handshake with SAE (so it's resistant to dictionary attacks).

Of course, you should always disable Wi-Fi Protected Setup (WPS). Duh.
And, keep your firmware updated (duh), & isolate the guest network (duh). Disable remote adminstration to your router (duh) & use HTTPS for login.

You "can" restrict connections by MAC, but if you're randomizing the MAC address, it's going to be impossible (as is static IP addresses set at the router level - they now have to be set at the mobile device level instead).

Also enable and check the router log (duh) for intrusions, but if you've
ever done that, you'll know already you're being attacked constantly.

Disable UPnP (duh), and firewall inbound traffic (duh) and enable DNS encryption (DoH/DoT), which seems easy, but I've found it to be a PITA.
A. DoH (DNS over HTTPS) wraps DNS queries inside HTTPS traffic
B. DoT (DNS over TLS) sends DNS queries over a TLS-encrypted channel

You enable iOS 14 & up DoH using Settings > Wi-Fi > DNS & you enable
Android 9+ DoT with Settings > Network & Internet > Advanced > Private DNS.

You enable DoH on Windows in Settings > Network & Internet > Change adapter options > DNS settings where Windows 11 is still DoH but the GUI is better.

On Android devices, you can add a system-wide firewall such as NetGuard.
It can block Wi-Fi/CellularData access per app. Not available on iOS.

I don't have much experience with RethinkDNS, but it's a FOSS Android app
that combines encrypted DNS (DoH/DoT/DNSCrypt) with a system-wide firewall.
i. RethinkDNS = firewall + encrypted DNS (DoH/DoT/DNSCrypt) + blocklists
ii. NetGuard = firewall + per-app blocking + ad/tracker blocklists

You'll never have any privacy/security on iOS, which sucks at both (and
anyone thinking it doesn't suck, clearly doesn't know anything about iOS).

While we're at it, it's probably a good idea to put smart TVs, cameras, and
IoT gadgets on a separate VLAN or guest SSID, and it goes without saying further that you should change the rude/ignorant default iOS/Android setup.

What did I miss?
--
I invest energy in responding to Usenet posts because I care about people getting full & complete information so we move tribal knowledge forward.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.internet.wireless

On 2025-12-01 15:50, Marian wrote:

Carlos E.R. wrote:

As to "bandwidth theft": I'm sure his accidental use, doesn't deserve >>> your harsh condemnation.

In my view, using an open WiFi is permitted.

I agree with both Carlos & Frank since I agree with anyone, no matter who they are, if they post a reasonably sensibly logically stated view.

However... I just looked up US case law on this topic for the first time,
and while case law may well differ in Frank's & Carlos' location across the pond, I'm assuming the OP is in the United States whose law I looked up.

Below is a copied-and-pasted response from the references...

In the United States, using a neighbor's open Wi-Fi without permission is generally considered unauthorized access under federal and state law. Even
if the network is unsecured, courts have treated this as potentially
illegal. Case law and statutes (like the Computer Fraud and Abuse Act) support that "piggybacking" on someone else's Wi-Fi can be prosecuted,
though enforcement is rare unless other crimes are involved.

Federal Law - Computer Fraud and Abuse Act (CFAA): The CFAA (18 U.S.C. Sec. 1030) makes it a crime to intentionally access a "protected computer"
without authorization. Courts have interpreted Wi-Fi routers and networks
as "protected computers." Thus, connecting to a neighbor's Wi-Fi without consent can fall under this statute.

Many states have their own computer crime statutes that prohibit
unauthorized access to networks. For example, Florida and Michigan have prosecuted individuals for unauthorized Wi-Fi use under state computer
crime laws.

But how do you know it is not authorized?

By default, a phone will connect to an open WiFi without asking. At
least, it was so several years ago, I don't know currently because the configuration is cloned from one phone to the next.

And Windows I think does the same, which is, I understand, what happened
to the OP.

I take that "looking" inside the network is not legal. But using a WiFi
that is open? I know some people that intentionally left their WiFi open
to any one that wanted. That was the view.

But then, USA people are quite paranoid about private property, and can
shoot an intruder without asking.


(several examples trimmed)


Here, some people were taken to court for "illegally downloading
movies". In their defence, they said that it was not them, but somebody
else using their WiFi, and the reverse could not be proven. They kept
their WiFi open. They won. :-D
--
Cheers, Carlos.
ESEfc-Efc+, EUEfc-Efc|;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.internet.wireless

Carlos E.R. wrote:

Many states have their own computer crime statutes that prohibit
unauthorized access to networks. For example, Florida and Michigan have
prosecuted individuals for unauthorized Wi-Fi use under state computer
crime laws.

But how do you know it is not authorized?

Hi Carlos,

I understand your point of view, where I also would have considered an
"open" Wi-Fi (which we must assume the OP is using as he'd need a
passphrase otherwise) to be considered de-facto authorized for use.

Especially if that open Wi-Fi didn't have a subsequent authorization screen like those I see in my doctor's office or at the local Starbucks or hotel.

Of course, a neighbor's open Wi-Fi access point wouldn't likely have an authorization screen, but I was surprised when I looked at case law in they
USA (see prior post) that NONE of the references I cited had subsequent authorization screens, and all were prosecuted by the police successfully.

Having said that, Windows sure does make it easy to accidentally connect to open Wi-Fi access points, which is why I had suggested the BLOCK command,
which will instantly solve the problem of accidental connection (once the
OP is aware of the access point being accidentally connected to of course).

By default, a phone will connect to an open WiFi without asking. At
least, it was so several years ago, I don't know currently because the configuration is cloned from one phone to the next.
And Windows I think does the same, which is, I understand, what happened
to the OP.

As far as I'm aware, by default, iOS and Android devices do not
automatically connect to random open Wi-Fi networks unless the user has previously joined them. However, once the user manually connects to an open access point, the device may attempt to reconnect automatically in the
future. To stop this, we can adjust Wi-Fi settings on both iOS and Android
to disable auto-join or auto-connect for specific open networks.

Windows also does not automatically connect to unknown open Wi-Fi networks
by default. It only auto-connects to networks we've previously joined if
the 'Connect automatically' option was enabled. To stop this, we can
disable auto-connect for specific networks or delete their saved profiles.

For Windows, I would suggest the BLOCK command that I previously posted.
netsh wlan add filter permission=block ssid="SSID" networktype=infrastructure

I take that "looking" inside the network is not legal. But using a WiFi
that is open? I know some people that intentionally left their WiFi open
to any one that wanted. That was the view.

I agree with you, but the law (in they USA) doesn't seem to agree (AFAIK).

Personally, I know a neighbor who advocates everyone having an open Wi-Fi
so that anyone anywhere can have Internet access, but I live in a hilltop
rural area where there is no cable or fiber so we all get our Internet over
the air.

As a side note, I keep advising that neighbor that someone could do
nefarious things on his IP address but he's not worried about that.

But then, USA people are quite paranoid about private property, and can shoot an intruder without asking.

In my town, that's never happened to my knowledge, but in a country of 350 million people, murders occur daily, but doorstep murder is rather rare.
<https://www.fbi.gov/file-repository/reports-and-publications/2024-active-shooter-report>

Here, some people were taken to court for "illegally downloading
movies". In their defence, they said that it was not them, but somebody
else using their WiFi, and the reverse could not be proven. They kept
their WiFi open. They won. :-D

Yes. In the USA, the prosecution must prove YOU did it, as it's not
sufficient that "anyone" could have done it based on our Constitution.

As for movies, they're generally torrented, which is a special legal
situation since US copyright law requires tenets that torrenting avoids.

In fact, we've had this legal-torrenting discussion on the Apple newsgroups
for years (since iOS is so brain dead that it can't torrent even as macOS
can torrent), where there's never been a single successful USA case (see caveat) where ANYONE in the USA has been found guilty of torrenting
mainstream movies if they decided to fight the case in court.

Plenty of people paid the fees asked of them by the copyright owners'
lawyers, but NOBODY in the USA has ever been convicted of torrenting
mainstream movies in the history of the USA who fought the charges.

Caveat: The Maple Media Porn Cases were an egregious example where the
lawyers themselves were serving the torrents & they were disbarred.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.internet.wireless

In regard to the original subject ("Can my neiighbor, whose wifi I'm
using, see what I'm doing?"), I can't speak to what your particular
neighbor could or is doing, but from a theoretical standpoint, the
answer is Yes: some routers have the ability to do selective packet
tracing, allowing forwarding to somewhere else a copy of all packets
to and/or from a particular host, and they can then be recorded.

The packet headers (containing the IP addresses of the hosts you
connect to) will certainly be readable.

If the data portion is encrypted, then, to first order, it won't be
readable (which is why https, TLS, and other encryption is generally encouraged).

If you're using a VPN, and if your DNS queries use the VPN, so that the
only connections your host makes are to the VPN, the IP addresses in the
packet headers will only be that of the VPN, not the hosts you're
ultimately connecting to, making those IP addresses less informative.

On to the next topic ...

As a small part of an otherwise interesting article,
Marian <marianjones@helpfulpeople.com> wrote:

In the United States, using a neighbor's open Wi-Fi without permission is generally considered unauthorized access under federal and state law. Even if the network is unsecured, courts have treated this as potentially illegal. Case law and statutes (like the Computer Fraud and Abuse Act) support that "piggybacking" on someone else's Wi-Fi can be prosecuted, though enforcement is rare unless other crimes are involved.

[and much more]

It'll be interesting to see if/how that means Amazon Sidewalk design
and devices constitute widespread unauthorized access.

Sidewalk devices use Ring doorbell and Amazon Echo devices as routers
and are allowed to use up to 500MB worth of data from each such router.
The owners of these devices are not allowed to see who their devices
connect to (either direction). Furthermore, Sidewalk device connections
are enabled and allowed by default ("opt out", not "opt in"), so this
will, in many cases, happen without the Ring/Echo owner's knowledge, understanding, or explicit consent.

-WBE
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.internet.wireless

Winston wrote:

It'll be interesting to see if/how that means Amazon Sidewalk design
and devices constitute widespread unauthorized access.

Sidewalk devices use Ring doorbell and Amazon Echo devices as routers
and are allowed to use up to 500MB worth of data from each such router.
The owners of these devices are not allowed to see who their devices
connect to (either direction). Furthermore, Sidewalk device connections
are enabled and allowed by default ("opt out", not "opt in"), so this
will, in many cases, happen without the Ring/Echo owner's knowledge, understanding, or explicit consent.

Hi Winston,
I was unaware of this. I'm on Amazon Vine so I get all sorts of cameras for free but I noticed all of the cameras on Vine went to the Internet instead
of ONLY to your router or only to the sd card on the camera itself.

While I'm using them, I put them in places that don't show me personally
(e.g., I put them in the driveway instead of pointing at the house), but it always dismayed me that the signal for these inexpensive cameras went to
the Internet BEFORE it went back to your router and then to your phone.

But I was completely unaware that "some" of these brands allow others to
share up to 500 MB/month of its internet connection with nearby Sidewalk-enabled devices.

Looking it up, you're 100% correct. Sidewalk is enabled by default on compatible devices. Owners must manually opt out in settings. Worse, device owners cannot see which devices are connecting through their Sidewalk
bridge, nor the traffic details.

With Sidewalk, Amazon has pre-authorized this access by design, and the
device owner agreed to Amazon's terms of service when setting up the
device.

The catch is many users may not realize they consented, since it's opt-out.

I think the situation is similar to the Wi-Fi router access point unique
BSSID & GPS location of your home uploading which is also opt out.

People can't opt out until/unless they know that they can opt out.

Luckily, for Wi-Fi access points, opting out is as easy as not broadcasting your SSID (which prevents casual upload to the public datbases) or adding "_nomap" to the end of the SSID (which doesn't prevent upload but
well-behaved database owners "say" they'll scrub those from the database).

I'm still unsure of the status of the Microsoft _optout_ mechanism though.
<https://superuser.com/questions/1005235/wi-fi-opt-out-microsoft-google>
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.internet.wireless

On 2025-12-02 18:56, Marian wrote:

Winston wrote:

It'll be interesting to see if/how that means Amazon Sidewalk design
and devices constitute widespread unauthorized access.

Sidewalk devices use Ring doorbell and Amazon Echo devices as routers
and are allowed to use up to 500MB worth of data from each such router.
The owners of these devices are not allowed to see who their devices
connect to (either direction). Furthermore, Sidewalk device connections
are enabled and allowed by default ("opt out", not "opt in"), so this
will, in many cases, happen without the Ring/Echo owner's knowledge,
understanding, or explicit consent.

Hi Winston,
I was unaware of this. I'm on Amazon Vine so I get all sorts of cameras for free but I noticed all of the cameras on Vine went to the Internet instead
of ONLY to your router or only to the sd card on the camera itself.

Well, it is the only way to do it (commercially), meaning watching the
camera while not at home.

You could use safe cameras that do not connect to internet on their own,
but instead need a local server inside the same LAN. And to connect from outside you would have to create a setup that includes either an
external server, or a dyndns address pointing to your home.

Possibly these cameras are more expensive. They do exist, it is what any entity in Europe would have to create for security cameras within the
privacy laws. I don't know how to find them on Amazon, what search text.
Maybe USB cameras.

And by the way, it would be possibly to do this commercially if IPv6 is deployed, without using their external server.


Only to the SD card might be possible if you do not hire their external storage and disable mobile phone use. But many cameras do their initial configuration via an Android App. If there is registration, bad.

...
--
Cheers, Carlos.
ESEfc-Efc+, EUEfc-Efc|;
--- Synchronet 3.21a-Linux NewsLink 1.2