[galvan]

Ah, iodine. I've used it in airports, hotels, cafes - it's great. The only drawback is that it's slower than dialup and latency is off the charts. But when you're stuck on a cruise ship and internet access is $8 a minute, being able to ssh somewhere and browse the web and check your mail very slowly through links is worth it.

[batbomb]

I usually just spoof mac addresses of people who already paid in most of those cases, the caveat usually being somebody had to pay.

[Steuard]

I hope you're not still talking cruise ships here! Those folks are often paying high prices by the minute or by the megabyte for access: you'd be pretty literally stealing from your neighbors in that situation. (The moral issue for pay-by-the-day systems is one step further removed, but I think it's still real.)

[jrockway]

802.1x covers access control to networks. MAC addresses are not for access control.

Not that a court would agree with my logic, of course.

[WiseWeasel]

Yeah, you might have a tough time explaining to the judge that Media Access Control addresses are not for access control.

[AnthonyMouse]

In this context "access control" doesn't mean what you think it does. It refers to multiplexing the communications of multiple devices over a single shared communications medium, as in "controlling" (arbitrating) shared access to the radio spectrum. It has no relationship to network authorization or authentication and provides no security whatsoever.

http://en.wikipedia.org/wiki/Channel_access_method

Calling it "access control" has always been confusing which is why people started calling it Machine Address Code or Ethernet Hardware Address instead.

[growupkids]

Regardless, the judge is going to look at intent and knowledge. You knew this was a paid service, and your intent was to not pay. You understood this was a way to avoid payment, and you understood that someone else had paid for access.

[ceejayoz]

> In this context "access control" doesn't mean what you think it does.

Good luck explaining that to the judge.

[annnnd]

Doesn't really matter - it might (!) be legal, but it is immoral (if they really are paying by MB).

[brianpgordon]

I was staying at a Hilton (Omaha, NE) last night and their captive portal scared me off by putting the MAC address, IP address, and user agent in the query string, plus network stuff like the VLAN id and the MAC address of some piece of network gear that's servicing you. It seemed like they had a pretty complex system to deter abuse.

Of course, I just tethered my phone and got way better service than their crappy $10/day wifi.

[UVB-76]

If those people have a download limit that's rather unscrupulous.