The article misses one critical security aspect, which is probably the most important aspect. Security in WiFi is only partially about encrypting the traffic such that no other users in the same WiFi can eavesdrop on your data. Most mail providers offer some sort of encryption (HTTPS, POPS, ...) that can be used to transfer data from the own computer to a server securely.
However, the main security concern with open WiFi networks is that everybody can use them to do anything on the web. The person who runs the hotspot is responsible for the traffic that comes from this hotspot. If someone is using your internet connection to do anything illegal such as downloading child porn or something like that, there's no way to trace that back to the person who uses your WiFi.
The real issue is not about encryption, it is about identifying the users of a WiFi such that it holds strong in court if there are claims and one wants to prove his innocence. And I personally can't think of a secure out-of-the-box and easy-to-use solution that offers exactly that: protection from actions/attacks performed by others in your name over your WiFi without making them register and somehow prove their identity.
In legal regimes where you don't have vicarious liability for any activity short of activity that is authorised or abetted, having an open wifi could actually be a useful legal defence, compared to a situation where even though there is security on your wifi, you either get hacked or someone does something naughty but you're not sure who it was. You'd have a hard time proving this happened, and if you failed, the suspicion falls right back onto you; with open wifi, "ignorance is bliss"; the prosecution would probably have to downright prove it was your doing, because it would be hard for the court not to (rebuttably) presume it was an unknown user. At least in the UK, this is largely the case, though rightsholders have tried to force case law (Brown & ors v Polydor & ors) and legislation (Digital Economy Act 2010) in the direction of harsher vicarious liability.
Good point. So the discussed aspect depends on the country you're in. In Germany, the WiFi operator is held responsible for everything coming from his IP address. This resulted in some very ridiculous court cases in which 70 year old people are accused of downloading music and movies via BitTorrent.
However, the main security concern with open WiFi networks is that everybody can use them to do anything on the web. The person who runs the hotspot is responsible for the traffic that comes from this hotspot. If someone is using your internet connection to do anything illegal such as downloading child porn or something like that, there's no way to trace that back to the person who uses your WiFi.
The real issue is not about encryption, it is about identifying the users of a WiFi such that it holds strong in court if there are claims and one wants to prove his innocence. And I personally can't think of a secure out-of-the-box and easy-to-use solution that offers exactly that: protection from actions/attacks performed by others in your name over your WiFi without making them register and somehow prove their identity.