
The problem is that with WPA-PSK it is easy to derive the PTK from the PMK by capturing and using the 4-way handshake.


Forgive my ignorance, but are you saying that if I know the key to a WPA-PSK secured network, I can listen in to other connections accessing that same network?

Does this apply to WPA2 as well?


Yes. WPA and WPA2 secure the network segment as a whole, not conversations between each pair of devices on the network.


Forgive my ignorance, but that seems like insanity. Security 0.1 stuff, below even 101. Why is it still like this?


This is the way a normal Ethernet network works. Consumers expect it. For instance, I have a printer that connects to my WPA2 network; how else would I print stuff?


Wired != wireless. One is passively observable, the other isn't.

How else would you print stuff? How does the printer having its own encrypted channel prevent it from printing stuff?


> Wired != wireless. One is passively observable, the other isn't.

Not true. Ever heard of promiscuous mode?

> How does the printer having its own encrypted channel prevent it from printing stuff?

It doesn't. You can set up an encrypted channel between your computer and the printer by using a secure printing protocol. The point is that "the network" doesn't provide secure channels between all pairs of clients; it's up to the clients.


Promiscuous mode in a wired network still requires you to physically connect to the network. At best you can use a passive EM detector to see all the traffic on a set of wires, so you don't have to cut them temporarily, but that still requires physical contact, and can only see things which are routed down that cable. For any business that guards its doors and Ethernet ports, and has routers/switches instead of hubs, this is pretty much complete security.

For wireless, you... sit up to a few hundred feet away (miles if you have a good parabolic antenna), and run Wireshark. It's entirely passive and undetectable.



