I guess it comes down to whether there should be an indication it is public, or an indication it is private.  I believe it should be the AP owner's responsibility to notify it is private.  They don't have to be an expert in security, they just have to read the manual.  Simple MAC filtering would be enough of an indication that it is private.  I'd even count having it open and naming the AP something like DoNOTconnect or PrivateNetwork; similar to a no trespassing sign.

So instead of trying to "steal" or borrow in your case, their network why don't you knock on there door and try to educate them.  Yes I know people can read the manual but there are "baby boomers" and "Gen X" people that these manuals make no sense to.  With knowledge comes responsibility, so instead of doing something malicious help these people out.

That is an alternative solution.....

I don't view it as stealing or malicious because they are offering a service.  And it's not borrowing because they aren't getting it back (they probably wouldn't even notice it missing).  It's simply using a service they offered.  If someone chooses not to shred their trash and they leave it in a public place like on their curb, it's their own fault if someone takes their trash and goes through it.  If someone uses the trash for illegal purposes, or by passes security such as even the most insecure lock in the world to get to the trash or ignores a no trespassing sign, THEN that's a crime.  If someone is broadcasting use of their open wifi to the world, it should be their own fault for not enabling any security and ignoring warnings that it's not secure.

Like I've said, there is also the analogy of someone creating a private web page on a website and choosing not to protect it at all and ignoring warnings.  Then the person who sees it advertised (indexed) in google, who has no malicious intentions, and clicks the link and that person should go to jail?  Nope.  It's the sites owner's fault for negligence.  Even though Apache defaults to making the web page public just like an AP might, even though the site owner has no idea what they're doing, it's still the owner's fault for not making any effort to limit access.

I never used an open access point.  I've never even owned a smartphone.  I'm about to get a wifi card for my desktop though to test my own wifi security and was hoping to also use it for open wifi networks.  Kind of bummed the last part is considered illegal.



That's the thing though, it's not a matter of tech savvy people taking advantage of those who aren't.  There are way more people who don't understand technology than geeks, so I'm sure there are more computer illiterate people breaking this law than geeks breaking it.  But yes I have thought about yesterday and today of notifying people who may of accidentally have setup open wifi...

That's good to know. I've seen way too many routers that you can take out of the box, plug it in, and it's already up and running with a typical wifi name (like Linksys or Netgear), absolutely no protection, and utilize a default username and password for the admin console. Many people will see this, "it's working!", and never look at it again. While driving through my neighborhood with a laptop running airodump-ng or kismet, I can still find dozens of networks like this.

Offering a service?  A service has to be advertised as a service which was post before.  So no its not a service.  

"And it's not borrowing because they aren't getting it back (they probably wouldn't even notice it missing)."  Jelly beans at the candy store are small and the owner would not miss if 10 or 15 were missing, so it makes it right to take 10 to 15 because he would not notice?  See this thing called "morals" tells me its wrong.

" If someone chooses not to shred their trash and they leave it in a public place like on their curb, it's their own fault if someone takes their trash and goes through it.  If someone uses the trash for illegal purposes, or by passes security such as even the most insecure lock in the world to get to the trash or ignores a no trespassing sign, THEN that's a crime."  And if you check with the ISP they will tell you the same thing about using another persons internet .  

"If someone is broadcasting use of their open wifi to the world, it should be their own fault for not enabling any security and ignoring warnings that it's not secure."  Like I stated before they might not understand and it takes "ethical people" to help them out.



You should do more then think about it, you should do it.

Okay, but how is that any different than someone who isn't technical, spending money setting up a website they want to be private and not enabling any security what so ever to make it private.  If someone clicks a link to it, they haven't been explicitly authorized to use the network and server resources that they didn't pay for, but they can because it was configured to be open and therefore assumed to be public.  I just think open wifi networks should be considered the same way.


If the owner of the AP, configures their AP to offer its services without any restrictions, that should count as authorization for the same reason as when someone setups a web server to offer its services without any restrictions, it is implied authorization.

Eleven, why are you trying to defend this so much?

We've already covered the basics, having an open access point DOES NOT imply authorization, and the law EXPLICITLY says "unauthorized access" is a violation. What more is there to discuss?

If you want to change the laws, send a letter to your congressmen. You asked why it was illegal, and we answered. The rest is an ethics question, and you already know where we stand. We can talk this in circles all you want, but now you know the law, it doesn't matter if you feel like it should be okay or not.