rider: On the client side with XPSP2 I would suspect that this isn't quite such as big deal as the WAP's themselves but I do get your point.

Seems to me that I can go anywhere and do anything completely anonymously because the unprotected WAP's give me almost unlimited opportunity.

Lets say I'm a terrorist and whether I am or not I think there is a high possibility that I am being watched. The scanario goes something like this......

1. OBL has a mail server in Jakarta listening on port 1234
2. I wardrive while going to work and save the log.
3. I get home and pick my three target WAP's that make it look like I will get straight on.
4. I configure my laptop to connect to them automatically.
5. I write a script that begins to ping yahoo constantly until I get a reply.
6. When Yahoo replies the script then runs a .reg file to alter my MAC address then deletes the .reg, disconnects and reconnects to the WAP.
7. The script sends a message to OBL's mail server with my encrypted attachment.
8. When the message is sent the script checks for mail and d/l's the encrypted IP address and port of the next mail drop, (they rotate on OBL's end for security's sake).
9. When the send/receive are done the script runs a .reg file that changes my MAC back to normal and deletes the .reg file and terminates.
10. I fire it up and drive to work.

Even if I am being followed and listened in on it will appear that the transmission came from somewhere else and that all I was doing was driving to work.

and that isn't all that difficult to do..........