Cracking WEP
Tom's Networking continuing guide
On the heels of part one of Tom's Networking series on cracking WEP, they unveil part two. Part one explored scanning and identifying networks, part two explores the actual tools and processes, and part three will supposedly offer a long list of tricks to better secure your own wireless network (like oh, not using WEP?).

Most recommended from 43 comments



No_Strings

join:2001-11-22
The OC

2 recommendations

Hidden SSIDs, MAC Filters & the Easter Bunny

I normally confine my evangelism to the Wireless Networking forum, but since this hit the front page ...

Conversations about vulnerabilities in WEP always seem to include some variation on a couple of themes, and they are myths. The difference between belief in dragons, egg-laying rabbits or Bigfoot and some of the myths surrounding wireless is the impact. Believing that you are secure by taking useless steps is worse than taking no steps at all.

MAC addresses are passed through the air in cleartext - unencrypted - plain view - regardless of your encryption settings. Capturing a MAC address and spoofing it takes about as much technical prowess as making a peanut butter sandwich. Adding MAC address filtering does make your network more complicated to administer, which means more prone to fat-finger errors. It does not, however, make it safer.

Likewise, the myth of "hiding" your network by disabling SSID broadcast has been covered many times by many learned experts (which I am not). It bears repeating that you cannot hide a wireless LAN short of turning off the radio. Your SSID will be broadcast and can be forced to broadcast at will. It will be visible to anyone within range and in possession of those same sandwich-making skills.

Add some jelly, to continue the metaphor, and the IP address of your clients and AP will be available.

WEP is and has been broken. The tools and techniques needed to get past it have improved, but it's still not a trivial task. Chocolate soufflé level stuff, maybe. If you're relying on it and thinking that you're immune, the article may be just the wakeup call you need.
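
An added example, not part of the original post: a small Python parser for the parts of an 802.11 frame that are sent unencrypted, run over three constructed frames, to show why MAC filtering and a disabled SSID broadcast do not hide anything. The MAC addresses, the SSID "HomeLAN" and all frame bytes are made up for the illustration.

```python
import struct

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_80211(frame):
    """Read only fields that 802.11 sends unencrypted, even on a WEP network."""
    if len(frame) < 24:
        raise ValueError("shorter than the 24-byte 802.11 MAC header")
    fc, _dur, a1, a2, a3, _seq = struct.unpack("<HH6s6s6sH", frame[:24])
    info = {"type": (fc >> 2) & 0x3, "subtype": (fc >> 4) & 0xF,
            "protected": bool(fc & 0x4000),  # payload encrypted (WEP/WPA)
            "addr1": mac(a1), "addr2": mac(a2), "addr3": mac(a3), "ssid": None}
    # Beacons (8) and probe responses (5): 12 fixed bytes, then tagged elements.
    if info["type"] == 0 and info["subtype"] in (5, 8):
        body, i = frame[36:], 0
        while i + 2 <= len(body):
            eid, elen = body[i], body[i + 1]
            if eid == 0:  # element ID 0 is the SSID
                info["ssid"] = body[i + 2:i + 2 + elen].decode("utf-8", "replace")
                break
            i += 2 + elen
    return info

# Constructed sample frames (locally administered MACs, made-up SSID and bytes).
BSSID = bytes.fromhex("020000000001")
CLIENT = bytes.fromhex("0200000000aa")
BCAST = b"\xff" * 6
FIXED = bytes(12)  # timestamp, beacon interval, capabilities (zeroed)

# Data frame, ToDS=1, Protected=1: header, then WEP IV + key ID, then ciphertext.
WEP_DATA = (bytes.fromhex("08410000") + BSSID + CLIENT + BCAST + b"\x10\x00"
            + bytes.fromhex("a1b2c300") + bytes.fromhex("5e91d7c40f3a88"))
# Beacon from an AP with SSID broadcast disabled: SSID element of length 0.
HIDDEN_BEACON = (bytes.fromhex("80000000") + BCAST + BSSID + BSSID + b"\x00\x00"
                 + FIXED + b"\x00\x00")
# Probe response from the same AP to a client: SSID sent in the clear.
PROBE_RESP = (bytes.fromhex("50000000") + CLIENT + BSSID + BSSID + b"\x20\x00"
              + FIXED + b"\x00\x07HomeLAN")

if __name__ == "__main__":
    for name, f in [("wep data", WEP_DATA), ("beacon", HIDDEN_BEACON),
                    ("probe resp", PROBE_RESP)]:
        print(name, parse_80211(f))
```

The data frame has the Protected bit set and its payload is ciphertext, yet the client and AP addresses parse straight out of the header; the beacon carries an empty SSID while the probe response from the same BSSID carries the name.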