It occurred to me that Lubomir Sedlacik wrote in gmane.os.netbsd.devel.kernel:

> On Tue, Apr 18, 2006 at 05:38:28PM +0000, Martijn van Buul wrote:
>> If you want to have useful roaming support, I think you'd need to have
>> a background daemon connecting to whatever network it "knows". I kind
>> of like that feature from (excusez-moi le mot) Windows XP.=20
>
> are we talking about the same (mis)feature as described in
> http://www.securityfocus.com/archive/1/422250 ?

Yes. And it's not a misfeature merely because Windows just happens to have it.
The securityfocus article merely sums up the risk of using unencrypted
networks, and using *only* the network name for authentication[1]. But really,
if you're using an unencrypted network, you have more possible security issues. 

Wireless networks are a certain security risk. Period.

Martijn.

[1] It's a bit peculiar to see how most APs do MAC address filtering to
    prevent rogue clients from joining, but I haven't seen anyone check the
    MAC address of the AP they're associating with in an attempt to prevent
    joining a rogue AP. I know this would not solve the issue at hand, but it
    would raise the bar *considerably*.