I suspect it's much worse than that. Consider a tool like Wireshark, which is widely used by people developing and testing all kinds of networking software, which in turn handle small tasks like running every home and office network on the planet, not to mention the Internet. Of course, any protocol analyser that you can hook up to your switch/router/etc. to make sure it's sending the right traffic in the right directions could also be stuck on a laptop near any unsecured WiFi network and used to sniff other network users' unencrypted traffic.
The correct solution to this problem, if secure communications is your primary concern, is for the people who understand the technical and security implications to make networking secure by default. Get rid of unsecured WiFi and replace it with something using full-time encryption.
It's also important to educate users of insecure networks so they understand the risks and know what to look out for and what they should do and not do to protect themselves. Use HTTPS where it's available, check you've got the little padlock icon before you type private information into a web site, that kind of thing. Obviously much of this is good practice if you're using the Internet, even if your immediate connection is over an encrypted wireless link.
Of course, there is always option 3: do nothing about the technical vulnerability, but legislate to ban Wireshark and numerous other "hacking tools" like it in the hope that bad people won't exploit that vulnerability. Unfortunately we'll probably have to close down the Internet shortly afterwards and revert to connecting a printer to everyone's PC at the office so they can exchange documents, because no-one will be able to make any networking kit that actually works any more. But that's a small price to pay, for at least we will have stopped Evil Hackers from monitoring our networks!
(Obviously there's a little hyperbole in that last part. But only a little...)
The correct solution to this problem, if secure communications is your primary concern, is for the people who understand the technical and security implications to make networking secure by default. Get rid of unsecured WiFi and replace it with something using full-time encryption.
It's also important to educate users of insecure networks so they understand the risks and know what to look out for and what they should do and not do to protect themselves. Use HTTPS where it's available, check you've got the little padlock icon before you type private information into a web site, that kind of thing. Obviously much of this is good practice if you're using the Internet, even if your immediate connection is over an encrypted wireless link.
Of course, there is always option 3: do nothing about the technical vulnerability, but legislate to ban Wireshark and numerous other "hacking tools" like it in the hope that bad people won't exploit that vulnerability. Unfortunately we'll probably have to close down the Internet shortly afterwards and revert to connecting a printer to everyone's PC at the office so they can exchange documents, because no-one will be able to make any networking kit that actually works any more. But that's a small price to pay, for at least we will have stopped Evil Hackers from monitoring our networks!
(Obviously there's a little hyperbole in that last part. But only a little...)