Re: Oh boy...
Moreso, it shouldn't matter whether the WiFi is open or not - the data should be secured enough between your phone and the phone company. Just having encryption on the local link doesn't mean anything about the rest of the link, so treat everything as insecure.
As for the 'side-channel attacks' which boil down to detecting when a call is in progress, well duh. Just look at the volume/pattern of data flow and the destination... it's damn obvious when a call is in progress.
So yeah, I call "publish for publicity and funding" - there's no real vulnerability here.
Biting the hand that feeds IT
