In the US, what law makes it illegal to MitM network traffic using a WiFi evil twin or other technique? I'm genuinely curious because I was under the impression there are generally no such statutes and that the only thing that would be illegal is if the MitM used found credentials.
It doesn't have to be illegal for the cops to check it out. Sometimes it scares people off.
I had an officer acquaintance who said he pulled over a car with a shotgun in the back seat and asked who it belonged to, nobody was willing to claim it. He impounded it as abandoned property despite it being perfectly legal to possess.
The CFAA only applies to protected computers and intrusion into those computers. Watching network traffic or modifying network traffic in a MitM possition, without using found credentials doesn't seem to rise to the level of a computer intrusion. Of course, it's unlikely a protected computer is going to be connecting to a public WiFi AP in the first place..
> The only computers, in theory, covered by the CFAA are defined as "protected computers".
> In practice, any ordinary computer has come under the jurisdiction of the law, including cellphones, due to the interstate nature of most Internet communication.
