Russia was just a side blow at allofmp3.com π
Inoccent until guilty – yes. But “wantonly negligent” means to be guilty of carelessness. E.g. sure you may choose to not use any WiFi protection at all. What will happen if someone misuses it is that you’ll get convicted for complicity – even though there’s no law that forces you to use WPA, the judge can and often will – without any specialist – just remember he read that WEP is unsafe in some tabloid and decide based on that. Happened just a few months ago in Hamburg (Germany), for example. It was actually very similar to your telephone example – they tried to defend themselves by saying that someone misused their Internet through their open wireless to share files – still their fault! And I remember reading about similar verdicts in some U.S. states.
Even with the 911 call its not that simple. If you would’ve been there while he talked, you would’ve been a accomplice if you hadn’t tried to stop him. If you wouldn’t have been there, you either let your door unlocked (which would be wantonly negligent in most rural areas – again partly your fault), or he broke in, in which case you’re quie clearly the victim I’ve got to admit π
Whenever I look at the coffee cup from my last trip to the U.S. I have to think about this million dollar “Contents may be hot” verdict – based on that, it seems that if you do not write “Do not misuse for 911 calls” on your phone, you’re responsible π And similar warnings, for stuff we would regard as common knowledge in Europe, is something I find on really a lot of U.S. stuff π
Ok, so there are tools out there that let you download all files from a DAAP share. Which leaves than weak password – a dictionary attack should suffice for a weak one I would assume. Sure, no one would admit to have broken in, that’s quite right. But do you have that much trust in the system? An attorney can make a few thousand bucks just on the cease & decist. All he’s got to do is use an anonymous remailer (or cybercaffee as you mentioned π ) and “you’ve been sharing”… sure that’s not legal, but how do you try to tell the judge that it wasn’t you who posted that? And why should it be unlikely? It’s possible for others to download files through it, and let’s be honest, many attorneys who’re looking for violators – employed by the music industry or their own, NOT by the law – take everything they can.
I believed in the law myself at some point. Before I lost 3 or 4 times in court because of judges who live on their golf court and want to get there asap, but have no idea about technology. Quite a difference between being on the “good” side and getting that acknowledged by a court. Sad but true, and this includes the U.S. π Bad experience has destroyed any pragmatism there π
Btw, without having your IP I wouldn’t attempt at doing so – too much work for me, the scenario above is for. Since I have some DAAP code lying around I wrote for browsing, a simple loop attempting a password list (you mentioned a weak password π ) would be ready within minutes π – for a given IP; I’m not going to spend a few hours port-scanning just to find any (surely not yours) open port 3689, since that part if proven π