if you can use the router anyone can use it. It is basically an open and unprotected Access point. There are different ways to make the connection secure. WEP- Preshared keys used for encryption 802.1x - uses radius server for authentication and accounting and uses WEP for encryption WPA- uses radius+TKIP for encryption WPA/PSK- uses preshared key but uses TKIP All of these security mechanish needs the setup in the Access point. If you can set it up in the AP then the owner won't be able to use it and will trigger a red flag. you can use application layer encryption and vpn for privacy over the insecure connections but normal browsing won't support them so you have no choice for normal browsing but if you goto secure sites then it will use https and will be encrypted.