I've changed my MAC/moustache plenty of times to "deceive some guards". Actually I'm doing it right now, this Comcast modem is a utter pain in the ass...
Or, if it is the "something valuable" part, would gaining access to that "something valuable" have been an issue if there was no deceit? Was Aaron's curl script A-okay right up until the point that he deceived?
Two questions you need to seriously answer to make changing your MAC address on Comcast's network to be the exact same thing as what Aaron did:
1. Are you bypassing a security mechanism by changing your MAC address?
2. Did you gain something and/or cause them losses exceeding $5,000?
> 1. Are you bypassing a security mechanism by changing your MAC address?
As far as I can tell? Quite possibly. If I don't make my router use my laptop's MAC address then I get hit with a captive portal at random times. This appears to be a security measure, though in my unresearched opinion I believe it to be a mis-firing of a security measure.
> 2. Did you gain something and/or cause them losses exceeding $5,000?
Considering the cost of my bill, it won't take me all that long to cross that limit.
The situation would be different if you were not paying Comcast, but still using technical trickery to defeat their network security and access their bandwidth.
So you really think that Comcast doesn't want you on their network with a router spoofing a laptop MAC today?
It's the intent to be somewhere you know (or ought to know) you aren't wanted that matters.
2.
It's not just "I did $5,000 worth of business." If Comcast had a program where they sold "router-attached Internet" for a price difference that totaled $5,000 over the price you paid for "computer-attached Internet" then you would hit CFAA levels.
This question seriously calls into question your profile description of "security guy". A security mechanism based on MAC is as effective as a security mechanism based on asking a stranger whether their name is Aaron Swartz, because Aaron Swartz isn't allowed on this network.
Please stop.
Note, that doesn't mean I think you should get 30 years in prison for simply walking across my lawn.
The fact that something is easy to bypass doesn't mean it's legal to bypass.
In fact, that "Aaron Swartz isn't allowed on the network" example is perfect. If I have a sign saying "Bob isn't allowed on my property" and Bob comes on my property, that's trespassing.
Is this activity illegal? Like most questions in law, the answer is, "it depends".
Are you paying Comcast for internet? If so, its probably not illegal because they have authorized you to access the internet through their networks.
However, if Comcast's network authentication was based on MAC addresses and you spoofed yours to match a paying customer's, that would probably be wire fraud.
> Or, if it is the "something valuable" part, would gaining access to that "something valuable" have been an issue if there was no deceit?
I'm not sure what other laws would be relevant if there was no deception, but it certainly wouldn't be wire fraud. Deception is a pretty integral component to fraud.
