Someone's said in the Ars Technica comments that MAC addresses are freely available in the packets-in-flight, and MACs are spoofable, so MAC filtering will only deter the casual, passing wifi-borrower, not anyone actually determined to gain access.
WPA2 with good password, at least, would put up a non-negligable barrier in terms of the number crunching required; in contrast, getting around MAC filtering would take effectively no time at all.
The only in-the-wild attacks against WPA2 are variations of brute-force attacks.
There are precomputed rainbow tables of common SSID+passphrase combinations floating around, but as a general rule, WPA2 with a sufficiently complex passphrase should be secure against anyone who doesn't have a massive compute cluster at their disposal.
