The trouble is that not using WEP looks like you're not bothering with the low level of security that's available in wireless. The fact that WEP only adds a 15 second - 15 minute delay to full access to the network both for legitimate and not-so-legitimate users means it offers more annoyance than security, but that doesn't alter the perception.
but it adds annoyance for the intended users. in the case of non- techs, considerable annoyance. and it gives negligible privacy.
There are also people ssh'ing to personal and corporate machines from the terminal room where the root password is given out or easily available. Are you saying people shouldn't SSH?
a prudent user does not ssh _from_ a machine they don't control or strongly trust whover controls it. and a public machine should be presumed to be dangerous. i don't ssh from the laptop of a friend to whom i would not give root access to all of my machines. the common attacks at nanog/ietf/... are o intentional from the outside. one should be very prudent with measures on servers etc, and install and monitor an ids such as bro. this is bog standard net and system adminstration. o intentional over the wireless. - the users need to be told how to operate more safely, use end-to-end authentication and privacy, etc. it's a matter of education. and the education will stand them in good stead when they use 802.11 at starbucks, airports, etc. we do this at ietf, but it is not allowed at nanog. - users need to be told when they're operating unwisely. we post passwords or other embarrassing, but not revealing, data. we will do this at the atlanta ietf, but it is not allowed at nanog. - and we need to monitor the air traffic to detect when users are actually being exploited. this is an ops/research area, but is being played with at ietf, but is not allowed at nanog. o unintentional dos of the wireless. this is caused by users' mis-configurations of various kinds, win/mac configured as access points, ad hoc mode, ... detecting and dousing these are still an ops/research araa. as far as i can determine, the reason standard education and defenses are not allowed at nanog is because we fear the nanog net operators monitoring traffic. i.e. we would rather have users raped than have prudent folk notice them in their skivvies. hear no evil, see no evil, speak no evil. it's a comfortable feeling. randy