Cracking arbitrary addresses - funds that belong to other people - is completely different. IMHO.
If you find a large wallet in low addresspace (or address with collision to low addresspace) then actually you've done a security audit.
Whether you are thief or not is decided by your FOLLOWING actions, but not the fact that you bruteforced something.
Yes, I agree with that. You can still find something without actually taking possession of it. Since I started SHA256 brainwallet research I've been bitten by the password cracking bug, for no reason other than the rush of seeing my system spit out a new password.
To muddy the waters a little, some people may suggest that moving funds from an insecure address may actually benefit the owner of those funds. For a while there was a bot actively