Just an idea to go with the whole SSL spoofing / pineapple concept.
Why not add a deceptive captive portal page purporting to be a security update from "insert social engineering trick here" requiring the noobs to accept a cert or even a new cert authority before they are given access ?