I have a feeling the reluctance toward default security will be overcome, for better or worse. Microsoft is a prime example.

No company wants to foist the burden of security management on their customers, but unfortunately it's inevitable. In the meantime, just because someone has made wifi available, wittingly or unwittingly, doesn't automatically mean they're sharing-- regardless of how hotspot seekers work (technological ability or process does not trump law). It's always best to get permission. However, I expect very few prosecutions so jumping on the occasional news release of one here or there is probably exaggerating the situation.