Agreed. But evidence? I've tried to convince the businesses to talk to the police. But, what the heck do the police/businesses do? How do you prove that there is a crime? They probably would believe me and would probably knock on doors and probably get a warrant. Then what? I'm not a professional cyber security person so how do I prove that the device, if found, is causing damage?
Also, the device is intermittent. I can collect traces, but who do I send them to?
I called the police once when I noticed a wifi AP that was MiTM'ing traffic at the local Kroger. They sent someone out and said it was a misconfigured system in the Deli.
Guy was real nice and seemed to understand what I was worried about.
In the US, what law makes it illegal to MitM network traffic using a WiFi evil twin or other technique? I'm genuinely curious because I was under the impression there are generally no such statutes and that the only thing that would be illegal is if the MitM used found credentials.
It doesn't have to be illegal for the cops to check it out. Sometimes it scares people off.
I had an officer acquaintance who said he pulled over a car with a shotgun in the back seat and asked who it belonged to; nobody was willing to claim it. He impounded it as abandoned property despite it being perfectly legal to possess.
The CFAA only applies to protected computers and intrusion into those computers. Watching network traffic or modifying network traffic in a MitM position, without using found credentials, doesn't seem to rise to the level of a computer intrusion. Of course, it's unlikely a protected computer is going to be connecting to a public WiFi AP in the first place.
> The only computers, in theory, covered by the CFAA are defined as "protected computers".
> In practice, any ordinary computer has come under the jurisdiction of the law, including cellphones, due to the interstate nature of most Internet communication.